Cybersecurity: eSN Innovation Roundtable

Cybersecurity is arguably one of the highest priorities in K-12 school districts across the country. IT leaders agree that a “when, not if” mentality is essential when formulating a K-12 cybersecurity strategy to keep school networks and sensitive information protected from hackers, phishing, ransomware and other external threats (and internal).

During an eSchool News Innovation Roundtable focused on cybersecurity, moderated by eSchool News Content Director Kevin Hogan, district IT leaders explored the challenging and ever-evolving topic of K-12 cybersecurity. Roundtable participants included:

• Phil Hintztechnology Director, Niles Township (IL) District 219
• Greg LimperisDirector of technology, Lowell Public Schools (MA)
• sandra paulDirector of Information technology, Township of Union Public Schools (NJ)
• Mohamed SalehAssociate Director of technology and Management Information Systems, Paterson (New Jersey) Public Schools
• Pablo SanfrancescoDirector of technology, Owen J. Roberts School District (PA)

Key takeaways and insights from the roundtable include:

Multi-factor authentication (MFA) is absolutely critical to your school district's cybersecurity strategy.

“The MFA is the easiest thing to do,” Sanfrancesco said. “It will be his first line of defense and it is the easiest, cheapest and most effective at the moment.”

Discussions about MFA can often encounter roadblocks, but working with unions can help clear up resistance or misunderstandings when district staff members don't want to give access to personal devices or request alternative methods of MFA.

“I showed up to the union and told them how passionate I am about cybersecurity, and it's not just for the staff members, it's not just for the union members, but it's also for the students,” Saleh said. “You most likely have confidential student information in your email. It is our job, collectively, to ensure that information is secure. It is our responsibility. Fortunately, we got some acceptance for this. “We have seen more people enabling MFA and it is now mandatory.”

Managing the humans in your district can be as challenging (if not more, at times) than the various programs, tests, and monitoring solutions you have implemented.

Often, IT leaders deal with a few staff members who are not tech-savvy and who resist change.

“We have to find ways to make their lives easier, because for some of them, their skills are very limited, they've been teaching for 40 years and they didn't grow up with technology. We are going to have to work hard in training,” said Limperis.

Networking is key.

“Increase your knowledge base,” Sanfrancesco said. “There are many free systems and entities. Become part of a network. Having the ability to network with someone else or with other people who are doing the same thing” is essential.

“Networking is something very important to me; I wouldn't be where I am now if I hadn't gained knowledge from the people around me,” Saleh said.

When in doubt, choose a starting point.

“Just do one thing at a time,” Hintz said, noting that NIST, K-12 Six and CoSN are great starting points for approaching a K-12 cybersecurity strategy. “You have to start with the end in mind. If you just jump in and get started, you can begin to lay out a roadmap. Plan it (with) your team and make sure you defend it to your cabinet first, so everyone is on board. Cast that vision and then start that vision. Plan the work and then work the plan.”

Know your tools and resources.

Here's a look at some of the solutions and professional organizations these IT leaders use to maintain network security and stay up to date:

Related:
Here's how to protect schools from cyberattacks in 2024
Stay up to date on the latest news in K-12 technology innovation
For more cybersecurity news, visit eSN's IT Leadership Center

Laura Ascione is the editorial director of eSchool Media. She graduated from the prestigious Philip Merrill School of Journalism at the University of Maryland.

Latest messages from Laura Ascione (see everything)