Ari Flewelling (right), Professional Development Manager for CDW Education, hosted a cybersecurity panel at CITE 2022.

Nov 30 2022

CITE 2022: Overcome Security Challenges and Prepare for 2023’s Growing Threats

Experts discussed the ways K–12 IT leaders can approach common cybersecurity hurdles, such as the lack of funding and support for stronger security measures.

K–12 schools are facing high stakes when it comes to cybersecurity. Cyberattacks not only put student and staff data at risk, but they’re also expensive and can threaten a district’s reputation. News of successful K–12 ransomware attacks spreads quickly, which may be one reason district IT leaders are looking for any way to mitigate the threats.

The interest in cybersecurity was evident in Long Beach at this year’s California IT in Education conference. Security-focused breakout sessions at CITE 2022 filled quickly, and Wednesday’s keynote featured cybersecurity expert John Sileo.

Experts in cybersecurity sessions spoke at length about how to overcome current challenges to building a stronger security posture in K–12 schools, including the need for additional resources and stakeholder support.

Click the banner to stay up to date on CITE coverage when you sign up as an Insider.

Invest in Security Resources to Proactively Avoid Cyberattacks

If increasing, high-profile ransomware attacks didn’t emphasize the need for stronger cybersecurity measures, cyber insurance requirements did. However, in a panel discussion Tuesday called “Identifying the Risks and Challenges of Cybersecurity,” hosted by CDW Education’s Professional Development Manager Ari Flewelling, speakers discussed why, often, meeting insurance requirements alone isn’t enough.

“There’s a difference between a checkmark in an audit box and mitigating risk,” said panelist Steven Allison, a field CISO at CDW.

It’s better to pay for a more comprehensive security solution because, while it might be more expensive, it won’t be nearly as costly as a successful cyberattack. If there is a breach, the money will be there. “It takes the incident to create the incident-based spending,” Allison said, but IT departments can try to get that money for prevention.

School districts can also stretch their cybersecurity budgets by bringing in security consultants instead of hiring full-time staff. Many districts are finding it difficult to fill vacant security positions because K–12 institutions can’t pay these specialists as much as the private sector can. However, bringing in a part-time virtual CISO or other security consultant can give districts an expert’s perspective without busting the budget.

REVIEW: Read about the IT leadership and newest technologies at the CITE 2022 conference.

Educate Stakeholders on Cybersecurity Risks and Solutions

Acquiring the necessary funding up front for cybersecurity is often a matter of getting the right stakeholders to understand the risks cyberattacks pose.

“There needs to be support from the top,” said Jon Carrino, director of technology services at William S. Hart Union High School District. “When resources aren’t available because there’s no support from the school board or superintendents, those initiatives become impossible.”

One challenge is that, frequently, board members, superintendents and other administrators don’t have an IT background. This makes it more difficult to convey the importance of proactively mitigating risks.

“Make sure you’re able to communicate the ‘why,’” said Brandon Weber, IT director for the Lancaster School District, adding that it can be helpful to collaborate with the teacher’s union and its leaders. “If they’re on your side, things go far more smoothly.”

Photography by Rebecca Torchia

aaa 1

Register