Resources

CISA in their January and August 2023 Bulletins again called out some of the most important ways that schools can protect themselves from cyber attacks. In both reports, CISA suggested that schools start their Cybersecurity journey by implementing six of the Highest-priority security measures.

As we attempt to harden our networks and strengthen our passwords, I wanted to bring up something again I have talked about in various settings. Password lock-out policies. Since the beginning of time, we have had a basic password lock-out policy.

Recently it was worldwide “change your password” day! I have a few thoughts. If you attended the CSI CyberSecurity event in December, you heard the NYS SED CISO get caught up in the incongruent password guidance between NYS and NIST CSF. Unfortunately, there was no breakthrough in this discussion, but NYS SED heard you that […]

Would you be comfortable giving your plumber the key to your house so he/she can come in at any time to fix anything they might feel is amiss? The answer is probably no. Did you know that when you give a vendor unfettered access to your network you are essentially doing the same thing? Similarly, […]

Happy Spring! As Spring break looms for most of you, I once again need to be a killjoy and remind you of a stark reality. Whenever you and your team are enjoying some downtime and have more limited staffing, the bad guys are working extra shifts trying to break into your and your peer’s networks.

I know of three CIAs: The Central Intelligence Agency (CIA) The Hudson Valley’s Culinary Institute of America (CIA) The Triad of Information Security – Confidentiality, Integrity, and Availability (CIA) The first chapter of every Certified Information Systems Security Professional (CISSP) training is always about this Triad of Information Security.

Please join us on Wednesday, March 8th, as Scott Quimby delivers a special update addressing the current K-12 cybersecurity challenges, NIST Cybersecurity Framework (CSF) alignment as it relates to Ed Law 2-d, and NEW actions to improve your district’s security posture, help you with documentation, and measure your technology teams productivity.

It seems like Cyber Attacks are happening everywhere these days. Whether it’s a national news report of an attack against a company that has your credit card information or local news reporting a school district like yours that’s been hit with a ransomware/data breach, these stories are plentiful.

Everyone knows the adage “No one is perfect”. Unfortunately for anyone with a computer network, the bad actors who want to infiltrate your system are ready to take full advantage of any mistake they can find. The Cybersecurity and Infrastructure Security Agency (CISA) knows this, as they called out CPG 1.E (Mitigate Known Exploited Vulnerabilities) in […]

Join Cisco and CSI for a very special upcoming webinar. We will be joined by several specialists from Cisco (including Cisco Talos) who will discuss the dangers of spyware, deep links, content manipulation, malware, and keyloggers, and how to protect your school district from these threats.