Pauley recommended several offerings from CISA, including its cybersecurity evaluation tools and cyber hygiene scan. He also found the Texas DIR to be particularly useful as it offers an incident response manual that can help schools prepare for and respond to a cyberattack.
Pauley also discussed the online search engine Shodan.io, a tool he called “terrifying” because threat actors can use it to explore any server connected to the internet. He suggested that schools play offense and use the tool to get clear on which of their servers need to be patched before bad actors discover the vulnerabilities.
WATCH NOW: School cybersecurity experts share cybersecurity best practices.
Use These Bare-Minimum Cybersecurity Practices Today
Even with funding challenges, Pauley said, all schools at a minimum should make sure they install multifactor authentication along with endpoint detection and response.
He shared how schools can improve their email security affordably using the Sender Policy Framework, an email authentication protocol. SPF provides a Domain Name System text record that limits emails from specific IP addresses or services.
Pauley also recommended KeePass, a free, open-source password manager that he says uses highly secure encryption algorithms. He then reiterated some best practices for passwords: include multifactor authentication, use unique passwords for every account, implement zero-trust architecture and segregate admin duties.
LEARN MORE: Why multifactor authentication should no longer be optional in K–12.
Cybersecurity Tools for Educators and Students
While Pauley’s session provided tools that IT professionals can use right away, he did not forget about educators and students. He noted that the Center for Infrastructure Assurance & Security at the University of Texas at San Antonio offers age-appropriate games, activity sheets, stickers and more for K–12 students.
He also mentioned that Microsoft Learn offers a broad range of online courses, including topics on cybersecurity, for technical staff, educators and students.
See Pauley’s full presentation here.