Shad McGaha, director of technology for Belton ISD in Texas, has a simple principle that guides the work he and his technology staff do in the district.
“Everything that affects education in our classrooms has top priority,” he says. This mantra served as McGaha's north star as she implemented a district-wide cybersecurity plan that includes regular staff training and more secure storage solutions. For this and other efforts, McGaha was recently honored with an Innovative CTO Award as part of the tech & Learning program. Innovative Leader Awards during the Regional Leadership Summit in Baltimore.
McGaha was drawn to education because of her long-standing love of working with children. “From my early days as a camp counselor to volunteering in Sunday school, I found joy in helping young minds grow,” she says. “During college, I got a job in the after-school program at my local YMCA, where I continued to learn and contribute. Although I knew that teaching was not my calling, I discovered another passion: technology. I was fascinated by computers, networks and electronics. So, I earned a bachelor's degree in Business Computing Information Systems. After graduating, my first position was as a desk technician at a local school. “Over time, I climbed the ladder.”
He adds: “What fulfills me most is knowing that our daily work directly impacts the teachers and students of our district.”
Below, McGaha shares the strategies that have made Belton ISD's district-wide cybersecurity plan so successful.
Developing a comprehensive cybersecurity plan for schools: phishing awareness campaigns and staff training
One of McGaha's first initiatives focused on threat identification. “We implement regular phishing awareness campaigns to educate all staff members on how to recognize and avoid phishing attempts,” McGaha says. “In addition, comprehensive training sessions were conducted to enhance their cybersecurity awareness.”
Rather than being one thing, these efforts continue. “We prioritize continuing education and training by conducting workshops, webinars and awareness campaigns for staff, students and parents,” she says. “Strong password policies encourage strong, unique passwords and multi-factor authentication. Regular application of security patches keeps our systems up to date.”
Staffing study, incident response plan and more
Early in the process, McGaha conducted a comprehensive staffing study to assess the suitability of the network's current staff. “This analysis helped identify any gaps or areas of improvement in our cybersecurity team,” she says.
He then collaborated with that team to develop a detailed incident response plan that outlines clear procedures for handling security incidents quickly and effectively. He also sought additional support beyond the district.
“We hired a consultant who worked closely with us to create a comprehensive cybersecurity plan. This plan addresses risk management, threat mitigation and proactive measures,” says McGaha.
Secure data storage
McGaha and his team recognized the need to replace outdated backup hardware and software. “As part of our upgrade, we invested in Dell hardware, known for its reliability and performance,” he says. “Our choice for backup software fell on Rubrik, a robust solution that offers efficient data protection and management. Rubrik not only streamlines backups but also provides seamless integration with cloud storage.”
This integrated approach adds an additional layer of protection. “By combining these updates, we have significantly strengthened the security of our storage system, ensuring data integrity and availability,” he says.
Data privacy agreement standardization
Data privacy is increasingly important given the number of learning applications in use. McGaha's cybersecurity plan recognizes this.
“We established a standard data privacy agreement for all software used within our district. This ensures that privacy and data protection are consistently prioritized across all applications and platforms,” he states.
Additionally, the district established a software research committee responsible for examining any new software proposed for use within the district. “This process ensures that only safe and reliable tools are adopted,” says McGaha.
The research process for new technologies is comprehensive. “First, we conduct a needs assessment to understand specific educational goals and challenges,” McGaha says. “Next, we meticulously research and evaluate potential solutions, considering factors such as functionality, ease of use, and support. “Data security and privacy are top priorities, ensuring compliance with relevant regulations.”
Once a tool goes through this phase, the district tests the technology with features and gathers feedback on its usability and impact. “Finally, we carefully weighed the costs and benefits, evaluating the long-term viability of the technology,” says McGaha. “Establishing a feedback loop ensures continuous improvement, enhancing teaching and learning experiences.”
