K12SIX-project-Doug_Levin-Eric_Lankford-threat_intel-edusec-p2

BrakeSec Education Podcast

English - March 01, 2022 06:48 - 52 minutes - 41.8 MB - ★★★★★ - 98 ratings
Tech News News Technology cisa cissp legal pentesting podcasts application compliance computersecurity cybersecurity education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: K12SIX's Eric Lankford and Doug Levin on helping schools get added security -p1

Next Episode: Shannon Noonan and Stacey Cameron - process automation

For context, we at the K12 Security Information Exchange (K12 SIX) are a relatively new K12-specific ISAC – launched to help protect the US K12 sector from emerging cybersecurity risk. One of our signature accomplishments in our first year was the development and release of our ‘essential protections’ series – an effort to establish baseline cybersecurity standards for schools. See: https://www.k12six.org/essential-cybersecurity-protections https://www.grf.org/

Global Resilience Federation

We will help your industry develop or enhance a trusted threat information sharing community, obtain actionable intelligence, and support you in emergencies.

We all count on the resiliency of essential services - services from the electricity powering our homes and the connectivity of entertainment apps, to the legal systems and financial pipelines driving the global economy. But this infrastructure faces constant threats from hacktivists, criminals, and rogue states, and they are growing in sophistication.

Leveraging nearly 20 years of ISAC and ISAO expertise, GRF is a non-profit created to connect sharing communities, for mutual defense.

https://static1.squarespace.com/static/5e441b46adfb340b05008fe7/t/611d5fceff375d79ff4507c7/1629315022292/K12+SIX+Essential+Cybersecurity+Protections+2021+2022.pdf

https://theconversation.com/cybercriminals-use-pandemic-to-attack-schools-and-colleges-167619

https://edscoop.com/texas-school-paid-547k-ransomware-jam/

https://statescoop.com/ransomware-allen-texas-school-district-email-parents/

https://www.toptal.com/insights/innovation/cybersecurity-in-higher-education

https://www.highereddive.com/spons/inside-higher-educations-ransomware-crisis-how-colleges-and-universities/609688/

https://www.cnn.com/2022/01/07/politics/ransomware-schools-website/index.html

https://www.13abc.com/2021/02/22/toledo-public-school-students-seeing-effects-of-massive-data-breach/

2020 report: https://k12cybersecure.com/wp-content/uploads/2021/03/StateofK12Cybersecurity-2020.pdf

85-89% are underneath 2,500 students

Omg: https://www.edweek.org/leadership/education-statistics-facts-about-american-schools/2019/01

https://www.youtube.com/watch?v=otv0KzkfLSc –Florida mom, daughter accused of rigging homecoming queen votes break silence l GMA

There are 130,930 public and private K-12 schools in the U.S., according to 2017-18 data from the National Center for Education Statistics (NCES). Here’s how they break down:

All: 130,930 Elementary schools: 87,498 Secondary schools: 26,727 Combined schools: 15,804 Other: 901

What are some of the ways you go about addressing the challenge of even reaching smaller schools? Does the isac help?

How do you communicate major security events like log4j? Do you keep track of complications with certain software stacks?

Someone listening might say “hey, I’d love to help…” what/if any opportunities can the larger infosec community do to help your org?