Resources

We have all heard the phrase “A chain is only as strong as its weakest link”. When it comes to Cyber Security that phrase is all too true. Sometimes a Cyber Attack comes in via something that appears small (like a user clicking on an email link). Sometimes that small thing is an unused userid that […]

Last weekend my youngest daughter started a new baton program on Saturday mornings. Sitting there I realized I have been taking at least one of my four daughters to baton for the last 22 years across two different teams in two different towns.

In August of 2021, CISA added “Single Factor Authentication” to its list of practices it considers “exceptionally risky” as it exposes you to an “unnecessary risk from threat actors”. Your district auditors and the NYS Comptroller’s Office technology auditors are most likely pestering you about your multi-factor authentication (MFA) strategies and beginning to ding you […]

Far too often we hear people say “I don’t need to worry about security tools and training, I have Cyber Insurance”. While this doesn’t apply to everyone, we did want to take the time this week to talk about why Cyber Insurance isn’t enough to give your district the protection it needs and deserves.

Whether you are a sports enthusiast, a volunteer, or part of a work team, you have experienced first-hand the importance of good teamwork. We have all experienced what happens when a team works together, and when a team does not.

Business Email Compromise (BEC) has become a security buzzword. It simply means using email to attack and gain access to your network. *Phishing* or *Spearphishing* are other terms you will hear. It has been estimated that 70% of the attacks against most sites come from email.

Welcome back! It was a very busy summer for all of us. Summer and the start of the school year felt much more “normal” to us. Putting my parent hat on, my youngest’s third-grade teacher approached me and told me she wished she had a classroom full of my daughter.

  This week I would like to talk to you about Malware Defenses. This topic is in the NIST Detect and Protect categories. Antivirus has been around for what seems like forever. However, as long as antivirus has existed, we have had the problem with getting it on “all” servers and “all” endpoints.

  As mentioned in last week’s Tech Tidbit, we have begun a new series of weekly bulletins sent to School Business Officials giving them more information on the changing Cybersecurity landscape and how the NIST Cybersecurity Framework can help them increase their security while complying with the Ed Law 2-d guidelines.

  This week I’d like to talk a little bit about the NIST Category – Recover. According to NIST, the Recover Category “identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.