[VDOE] FRIDAY CYBER - September 11, 2020 - Cyber News and Views for VA Schools

Virginia Department of Education sent this bulletin at 09/11/2020 06:10 PM EDT

9/11/20

This Week: Next Generation Firewalls

Hi. My name is Tim Tillman and I am the Chief Information Security Officer (CISO) for the VDOE. Our team of cybersecurity analysts support the security program of the VDOE. I am excited to provide this email resource to you. Together, we can make our cybersecurity posture in Virginia's K-12 schools strong and a model to be admired.

Contact me at tim.tillman@doe.virginia.gov

News

We read a lot of articles and blogs on security. Here are a few items we found to share that help reinforce this week's topic.

Technological Innovations Defining the Future of Cybersecurity and the New Normal for Businesses
With the advancement of technology comes the inevitable increased sophistication of cyber-attacks. Over the past few years, we have witnessed the increased scalability of cybercrime and by 2021, it is predicted that damages from cybercrime would amount to $6 trillion.
Remote Learning During Pandemic Brings Privacy Risks

The coronavirus pandemic is adding another wrinkle to an already unusual back-to-school season: privacy risks. The mass shift to remote learning in many U.S. school districts is pushing students to use apps and other digital tools that could expose personal data such as names, locations and device identifiers, according to privacy experts.

Learning

Twenty-four years ago, I helped set up a firewall. It was a Cisco PIX firewall running Finese and it was housed at the school board office of Hanover County Public Schools. For both the school division and me, it was a first. For the network engineer on staff, it was a welcome challenge to protect our T1 access to the Internet.

Using the word "helped" may be implying that I had more input as a 19-year-old technician than was actually true. I was there. I watched and I loved every minute of it. The firewalls of those days were packet inspectors and traffic officers. They inspected packets, ports, and ip addresses and applied basic rules to allow/deny traffic. That was all they could do, generally. This was actually considered the second or third generation of firewall technology - depending on who you ask.

We have been told for years that the migration and integration of cloud services will make the firewall obsolete. What has actually happened is that networks have gotten 10 times more complicated than we ever thought possible and firewalls are still very much a major source of protection and comfort. In a recent annual survey (State of the Firewall Report 2019), Firemon asked C-level executives about the importance of firewalls. Ninety-five percent of respondents said the firewall was still a critical piece of hardware in their environments, no matter the state of their cloud migrations.

There are many types and configurations of firewalls. You can choose software-based, hardware-based, purpose-built, parent/child, etc. For our discussion, let's assume your network has a single firewall that protects your network from the Internet and vice/versa. For perimeter protection of a school division network, hardware firewalls are king. Most of our school divisions have only one Internet connection and one firewall. Therefore, the choice of functionality is paramount.

Today's firewalls (classified as "next-generation") are part of a unified threat management (UTM) strategy. UTM implies that a single physical device performs the functions of many previously separated devices or applications. Integrated features can include virus scanning, deep packet inspection, ssl decryption, intrusion detection and prevention, content filtering, VPN access, behavior analytics, and malware detection. Newer firewalls can even focus on application-layer inspection and can connect with outside resources for instantaneous response to growing, imminent, and zero-hour threats. I'm not always a fan of including so many functions in one device as it creates a single point of failure and reliance, but smaller school divisions may relish having only one device to install and configure.

Next Generation Firewalls allow organizations to achieve network transparency, reduce vulnerabilities, and conserve network performance. Next Generation Firewalls stop threats and prevent data leakage by providing policy-based visibility and control over applications, users and threats, unlike the traditional port-based method. Application identification, application control, and the best threat prevention are all provided with a Next Generation Firewall.

SecurEdge

We have been (and will continue) talking about building your school division's security posture. We could also call it a security program. It's the combined efforts, the layers, of your defense shields. The layers expand from basic policies and procedures to software and hardware controls to incident response that could involve law enforcement, media, and criminal investigations. If your school division is not using a firewall that can provide more than just an access control list, you are missing out on the opportunity to have actionable intelligence and additional safeguards to protect your network and the basic concept of due care (doing what a reasonable person in your position would be expected to do) is not being followed.

Budget season is fast approaching. Is it time to upgrade your firewall? Is it time to activate new features of your firewall? Is it time to upgrade or train your personnel to support a next generation firewall?

Some of our school divisions are much more advanced than these newsletters may ever address. I understand that, of course. Hanover County replaced that PIX years ago - HA! The majority, however, are still emerging and trying to find the resources and knowledge they need to be successful. Together, we all can build an environment where Virginia's schools are more secure.

Community

Contribute

Do you have cyber-related news or information that you think would be helpful for all Virginia schools and technology staff? Any specific topics to discuss? Send an email to Tim Tillman, CISO.

Share this newsletter with staff and faculty. Encourage colleagues to sign up for VDOE newsletters here.

Join

If you are a technology leader in your school division, consider joining the non-profit group Consortium for School Networking (CoSN). The advocacy, research, reports, and training that are generated from the organization are very valuable. You can join CoSN as an individual member or your school district can join. CoSN is also the creator of the Certified Education Technology Leader (CETL) certification and the Trusted Learning Environment (TLE) seal. Many of your colleagues (like me!) and neighboring school divisions have already attained these credentials. Could you be next?

The K-12 Cybersecurity Resource Center helps to spread the word about reported K-12 cybersecurity incidents and raise awareness of attacks and mitigation strategies. You can learn from the experiences of others.

Stay Connected with the Virginia Department of Education

This service is provided to you at no charge by the Virginia Department of Education. Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit Subscriber Help.