*** SAVE THE DATE ***
We invite Virginia K-12 technology and administrative leaders to join us for a webinar discussing Ransomware in our schools on October 22, 2020 at 2pm. A representative from FBI Richmond will present content as well as answer questions. Discussion will include mitigation strategies, incident handling, and best practices. Register early! Attendance via registration only, maximum 500 attendees.
Click to Register
This Week: The Art of Cyber Resilience
Hi. My name is Tim Tillman and I am the Chief Information Security Officer (CISO) for the VDOE. Our team of cybersecurity analysts supports the security program of the VDOE. I am excited to provide this email resource to you. Together, we can make our cybersecurity posture in Virginia's K-12 schools strong and a model to be admired.
Contact me at tim.tillman@doe.virginia.gov
News
We read a lot of articles and blogs on security. Here are a few items we found to share that help reinforce this week's topic.
- Ransomware Attacks: The Major Cause of Cyber Insurance Claims in H1 2020
  A report published by Coalition, a provider of cyber insurance services in North America, revealed that ransomware incidents accounted for 41% of cyber insurance claims filed in the first six months of 2020.
- Cybercriminals Strike Schools Amid Pandemic
  Just days before the Aug. 3 scheduled start of school, officials at the Athens Independent School District in East Texas received a shock. Cybercriminals had attacked the district’s entire computer network, encrypting all the data and demanding $50,000 in ransom for its release. Access to everything from teacher communications to student assignments was blocked.
Learning
This week, I asked our newest Cybersecurity Analyst, Ashleigh Holmes, to contribute to the Friday Cyber archives. Ashleigh told me she really enjoyed performing the research and writing up this section. I hope you enjoy it too!
The word resilience comes from the Latin word resiliens, which means the act of rebounding. This is the foundation of cyber resilience: the perspective that a strong security program is one that is able to bounce back from a cyber attack, data breach, or any type of interruption of service. The framework’s elasticity comes from the dynamic utilization of many offensive and defensive security measures in order to help an organization continue operations during a security disaster or recover data from back-ups quickly after the likely event of a cyber attack. This mentality differs from cyber security, which combines a configuration of policies and procedures with security hardware and software in the hope that all the risks have been mitigated if an attack were to occur.
Cyber resilience acknowledges that threat agents will always have the advantage in cyber warfare because they will know when an attack will occur and accepts the fact that cyber attacks are always imminent.
Cyber security relies on risk assessments to evaluate an organization's ability to stop cyber threats and attacks. Cyber resilience focuses on appraising an organization's ability to actively handle threats while continuing operations or recovering after one. The perspectives are similar, but cyber resilience pushes an organization to think of security as an ongoing process, rather than a compliance task to be completed once a year.
A strong and cyber resilient security program will R.A.P.P.
- Respond to the turbulent environment of the internet with constant analysis, planning, and communication.
- Actively focus on protecting the business and not just the data by emphasizing the importance of availability and recovery by backing up data daily.
- Prepare for an attack by continuing to perform risk assessments, identifying threats and vulnerabilities throughout the year.
- Protect its users and data with physical and technical controls but also with innovative and engaging security awareness training. It will detect intrusions with vulnerability scans, and vigilantly perform regular maintenance.
How well is your school division prepared to bounce back after an attack? How prepared are you to continue critical operations in the face of an attack? Have you incorporated cyber resilience strategies into your Disaster Recovery strategies?
Community
Contribute
Do you have cyber-related news or information that you think would be helpful for all Virginia schools and technology staff? Any specific topics to discuss? Send an email to Tim Tillman, CISO.
Share
Share this newsletter with staff and faculty. Encourage colleagues to sign up for VDOE newsletters here.
Join
If you are a technology leader in your school division, consider joining the non-profit group Consortium for School Networking (CoSN). The advocacy, research, reports, and training that are generated from the organization are very valuable. You can join CoSN as an individual member or your school district can join. CoSN is also the creator of the Certified Education Technology Leader (CETL) certification and the Trusted Learning Environment (TLE) seal. Many of your colleagues (like me!) and neighboring school divisions have already attained these credentials. Could you be next?
The K-12 Cybersecurity Resource Center helps to spread the word about reported K-12 cybersecurity incidents and raise awareness of attacks and mitigation strategies. You can learn from the experiences of others.