As education undergoes continuous digital transformation, these creators, collaborators and innovators are excelling as ed tech leaders.
Todd Pauley, Deputy CISO and Cybersecurity Coordinator at the Texas Education Agency, shares his top budget-friendly cybersecurity resources.
Taashi Rowe is the managing editor for EdTech: Focus on K-12 magazine.
Taashi Rowe is the managing editor for EdTech: Focus on K-12 magazine.
There is no doubt that even with competing priorities, cybersecurity is top of mind for school districts. However, budget constraints can make it tough for K–12 schools to fully address all their cybersecurity concerns. That could explain why the “Cybersecurity on a Shoestring” session at TCEA 2023 in San Antonio was jampacked.
“The average school spends less than 8 percent of its IT budget on cybersecurity, with 1 in 5 schools committing less than 1 percent,” notes a 2022 report from the Center for Internet Security and the Multi-State Information Sharing and Analysis Center.
In the session, Todd Pauley, deputy CISO and cybersecurity coordinator at the Texas Education Agency, shared a list of free resources designed to help schools address and fill the budget gaps that districts might face.
“There are some tough situations,” Pauley shared. “Schools have so many priorities that they must meet that, unfortunately, a lot of times cybersecurity doesn’t make it to the top.”
He added that “there are no universal requirements in K–12 for cybersecurity, and funding can vary from state to state.”
Click the banner to access exclusive content on educational tech when you register as an Insider.
Schools often find a glut of cybersecurity information on the web that they must carefully comb through and then determine if it’s viable and trustworthy. Pauley’s presentation was focused on cutting through the noise and sharing vetted resources.
Many of Pauley’s resources were federal and state websites, such as the federal Cybersecurity and Infrastructure Security Agency, MS-ISAC and the Texas Dept of Information Resources. Schools may not be aware of the wide array of information and support available from these government agencies.
The percentage of its IT budget that the average K–12 school spends on cybersecurity, with 1 in 5 schools committing less than 1 percent
Pauley recommended several offerings from CISA, including its cybersecurity evaluation tools and cyber hygiene scan. He also found the Texas DIR to be particularly useful as it offers an incident response manual that can help schools prepare for and respond to a cyberattack.
Pauley also discussed the online search engine Shodan.io, a tool he called “terrifying” because threat actors can use it to explore any server connected to the internet. He suggested that schools play offense and use the tool to get clear on which of their servers need to be patched before bad actors discover the vulnerabilities.
WATCH NOW: School cybersecurity experts share cybersecurity best practices.
Even with funding challenges, Pauley said, all schools at a minimum should make sure they install multifactor authentication along with endpoint detection and response.
He shared how schools can improve their email security affordably using the Sender Policy Framework, an email authentication protocol. SPF provides a Domain Name System text record that limits emails from specific IP addresses or services.
Pauley also recommended KeePass, a free, open-source password manager that he says uses highly secure encryption algorithms. He then reiterated some best practices for passwords: include multifactor authentication, use unique passwords for every account, implement zero-trust architecture and segregate admin duties.
LEARN MORE: Why multifactor authentication should no longer be optional in K–12.
While Pauley’s session provided tools that IT professionals can use right away, he did not forget about educators and students. He noted that the Center for Infrastructure Assurance & Security at the University of Texas at San Antonio offers age-appropriate games, activity sheets, stickers and more for K–12 students.
He also mentioned that Microsoft Learn offers a broad range of online courses, including topics on cybersecurity, for technical staff, educators and students.
See Pauley’s full presentation here.
Todd Pauley, Deputy CISO and Cybersecurity Coordinator at the Texas Education Agency, shares his top budget-friendly cybersecurity resources at TCEA 2023 in San Antonio.
The room was jampacked for Todd Pauley’s TCEA 2023 session on budget-friendly cybersecurity resources.
Todd Pauley, Deputy CISO and Cybersecurity Coordinator at the Texas Education Agency, shares his top budget-friendly cybersecurity resources at TCEA 2023 in San Antonio.
The room was jampacked for Todd Pauley’s TCEA 2023 session on budget-friendly cybersecurity resources.
Todd Pauley, Deputy CISO and Cybersecurity Coordinator at the Texas Education Agency, shares his top budget-friendly cybersecurity resources at TCEA 2023 in San Antonio.
The room was jampacked for Todd Pauley’s TCEA 2023 session on budget-friendly cybersecurity resources.
Todd Pauley, Deputy CISO and Cybersecurity Coordinator at the Texas Education Agency, shares his top budget-friendly cybersecurity resources at TCEA 2023 in San Antonio.
The room was jampacked for Todd Pauley’s TCEA 2023 session on budget-friendly cybersecurity resources.
Join EdTech as we provide written coverage of TCEA 2023. Bookmark this page and follow us on Twitter @EdTech_K12.
Management
Answers to Commonly Asked E-Rate Questions for K–12 Leaders
Management
TCEA 2023: Texas School District Shares 12 Tips for Success with a 1:1 Program
Visit Some Of Our Other Technology Websites:
Tap into practical IT advice from CDW experts.
Visit the Research Hub
Copyright © 2023 CDW LLC 200 N. Milwaukee Avenue, Vernon Hills, IL 60061
Do Not Sell My Personal Information