Tech Tidbit – Happy Holidays – It is a dangerous time for your network

December 22nd, 2023

On behalf of the entire CSI team, I want to wish you a very happy holiday season. Hopefully, you can enjoy some downtime with friends and family and maybe do something fun. We are very thankful for all of you allowing us to support your technology and security needs all these years in K-12. It means a lot.

However, I would be remiss if I did not remind you to remain vigilant.

Christmas morning last year I had an unwelcome present. Our friends at Huntress called me to tell me that a malicious bot had come through and landed inside a network. The Huntress 24/7/365 Security Operations Center (SOC) team saw it and reported it. It is a horrible feeling when you know someone bad is standing inside your house - whether they did anything or not. It was of course a vulnerability that had a patch available that was not yet applied.

Leveraging our arsenal of tools, we locked the door and killed it, and no harm came to that site.

However, it did vividly remind me that the bad guys are working overtime knowing that many of you have some downtime and many districts have either limited or no technical staff on-site. I believe I have had that same experience with a serious threat to a site on at least 80% of the major holidays over the last three years.

I am thankful for the SOCs that are watching over us when we are enjoying our family. I am thankful for our vulnerability tools to bring these critical issues to the forefront quickly so we are not giving the bad guys easy access.

Those of you who came to our Cybersecurity Event heard our nationally and internationally known Cybersecurity keynote speaker Morgan Wright say, "You don't have to solve every problem. You have to solve the right problem."

Having 24x7x365 visibility into and out of your network is the right problem to solve. Knowing where the weaknesses are and promptly patching them is the right problem to solve.

If you don't have a SOC backing up your technical team and don't have vulnerability scanners showing you where the holes are, you should. But we'll talk about that next year.

In the meantime, over the holidays I would like you to accomplish these tasks with whatever staff you have working next week.

1 - Scan everything with whatever scanning tool you prefer.

2 - Patch as much as you reasonably can: the OS, third-party apps, and BIOS.

3 - Test and calibrate your UPSes (on a calm day with no weather or wind predicted).

4 - Read your backup logs.

5 - Read your firewall logs.

Next week CSI is closed Monday, but open Tuesday - Friday for normal business hours. As always, our after-hours emergency support line is available to our clients after hours and on the holidays.

Have a wonderful holiday season.

-Scott Quimby, CISSP