What’s in the K–12 Blueprint Security Toolkit?
As we were putting this together, we also knew we couldn’t just focus on the tools. We had to look at the human side of security too. We relied on two key models — CoSN’s Trusted Learning Environment and the National Institute of Standards and Technology’s Cybersecurity Framework — and paired them together to create a resource bank that encourages an organizational shift toward better cybersecurity practices.
Here are some of the things you’ll find:
- Sample phishing email: Can faculty and staff in your district spot a phishing scam? If you’re not so sure, consider a phishing test, which involves sending out a fake email and measuring the response. We’ve included several sample emails that you can customize for your phishing campaign to help others better detect signs of a scam.
- District security self-assessment checklist: Use this checklist from CoSN to figure out where your district stands on security readiness. It takes into consideration numerous areas including district goals, security management implementation, perimeter defenses and user engagement and stakeholder communication.
- Data security advice for K–12 leaders: Data security is not just an IT problem. It should be a schoolwide effort. We’ve listed some tips for how school leaders can encourage that — from sending teachers to educational technology conferences to learn about cybersecurity best practices to implementing digital citizenship instruction for students.
- Guide on how to establish a zero-trust ecosystem: This covers best practices for adopting a zero-trust model, which is based on the idea that you shouldn’t trust anyone or anything that could breach data security — even those inside your own network. One piece of advice we offer is vetting every single device in a school’s network before granting access to it.
- Sample security presentation: We’ve also included a slideshow that IT leaders can modify to share cybersecurity information with people in their school district or even secure executive-level buy-in. It also explains why it’s important to build a secure cyber culture and how IT leaders, administrators, educators and other school staff can work together to do that.
Ultimately, we hope that this toolkit will show school districts how important it is to look at cybersecurity with a change management mindset.
This article is part of the “ConnectIT: Bridging the Gap Between Education and Technology” series. Please join the discussion on Twitter by using the #ConnectIT hashtag.