Acture's Saratoga Track event was a day full of serious technical and security discussions from NYS and industry experts, followed by a fun day of continued discussions at the racetrack. It was insightful and fun.
If you missed it, you missed a lot.
However, we do have a recording of our cybersecurity update presentation below.
This presentation, delivered by Senior Technical Advisor and vCISO Scott Quimby (CISSP), outlines the rapidly evolving cybersecurity landscape facing school districts and emphasizes the urgent need for modernized defenses.
1. Context & Historical Analogy
The presentation draws parallels between 18th‑century British military failures and today’s cybersecurity challenges. Just as William Pitt restructured military strategy to reverse British fortunes by leveraging greater resources, localized defenses, strategic alliances, and disruptive targeting, school districts must rethink their approach to modern cyber threats.
2. Why Cybersecurity Must Evolve
Traditional layered security models are no longer sufficient as AI‑driven attacks, cloud‑based data, and new threat vectors expand risk. Schools must defend both legacy systems and cloud ecosystems while adopting tools capable of rapid detection and automated response.
3. “You Will Be Breached” – The New Reality
The presentation reinforces that breaches are inevitable, highlighting multiple recent incidents involving:
- Business Email Compromise (BEC) in M365 and Google Apps
- MFA token theft
- SEO poisoning and malicious ads
- A full ransomware event enabled by poor EDR coverage
These examples illustrate how attackers exploit human behavior, misconfigurations, and visibility gaps.
4. The Critical Need for 24x7 Monitoring (SOC)
According to the analysis, every documented attack could have been mitigated—or completely prevented—with continuous Security Operations Center monitoring. SOC services detect impossible travel, abnormal logins, malicious cloud actions, and firewall anomalies quickly enough to stop exfiltration and ransomware deployment.
5. AI: A Double‑Edged Sword
Threat actors are now using AI to generate flawless phishing campaigns, bypass spam filters, steal credentials, and manipulate users. Examples include OAuth-2-based intrusions, hidden malicious links, and AI-guardrail bypasses.
Conversely, AI aids defenders by identifying unknown vulnerabilities, evaluating domain reputation, analyzing behavior patterns, and enhancing SOC triage.
6. Strengthening Defenses: Penetration Testing & Security Fundamentals
Acture Solutions recommends multi‑layered validation:
- Vulnerability scans
- Full penetration testing
- Automated network assessments
These tests uncover real‑world weaknesses before attackers find them. In addition, Quimby emphasizes “blocking and tackling” basics, such as patching, robust EDR with SOC, DNS filtering, spam sandboxing, conditional access, MFA, controlled browser extensions, and verified backups.
7. Future Direction & Continued Education
The presentation stresses that cybersecurity remains the foremost priority for districts. Upcoming security discussions—including the ISC2 World Security Congress—will focus heavily on securing AI, cloud infrastructure, and hybrid environments.
You can watch the recording here.

