Cyber Security

Ohio Department of Education Cyber Security Resources

Department of Education & Workforce

Mission

The Ohio Department of Education Cyber Security Steering Committee will improve upon the information security posture of all School Districts in Ohio, raising their programs to a common level, developing technically-skilled professionals and leaders within the School Districts and Information Technology Centers who strengthen information security through innovative and flexible approaches to implementation.

Vision

The Ohio Education Computer Network is a secure, highly available computing environment, designed for the purpose of storing and processing sensitive student information, backed by a nation-leading information security program.

Contacts – Who To Call

Your Information Technology Center (ITC) is your first line of defense for cyber security protection. As your technology partner, your ITC relentlessly defends your district from cyber security attacks. If you have a question about cyber security, need help getting started, or need to consult an expert, reach out to your ITC.

Multi-State Information Sharing and Analysis Center (MS-ISAC) Cyber Alert Level

The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation’s state, local, tribal and territorial governments through focused cyber threat prevention, protection, response, and recovery.

These cyber security resources are a collaborative effort of the Ohio Department of Education’s Cyber Security Steering Committee

The Center for Internet Security, the Department of Homeland Security, Filament Essential Services, Information Technology Centers, the Management Council of the OECN, MS-ISAC, OARnet, Ohio CoSN, Ohio Department of Education, Ohio National Guard, and Ohio school districts.

Cyber Attacks Occur Everyday

Cyber attacks against K-12 schools are a common occurrence. This interactive map is a record of incidents reported since 2016.
Map and data provided by The K-12 Cybersecurity Resource Center
Used with permission from K12six.org

Security Functions Chart

An Information Security Program is a combination of many processes, procedures, and tools that work together to protect the critical assets of an organization.  This chart is a visual representation of many of those functions.  Ideally, an organization should be able to identify a tool, vendor, or partner relationship that addresses each of these functions.

Security Function Chart
Click to Enlarge

Activities to Develop Your Security Program

Identify

  • Asset Management
    • Inventory of systems
  • Account Management
    • Strong Passwords

Protect

  • Remote Access
  • Multi-factor Authentication
  • Network segmentation
  • Endpoint Protection
  • System Backups
  • Patching / Maintenance

Detect

  • Vulnerability Scanning
  • Intrusion detection / Prevention
  • SIEM (Security Information Event Management)

Respond

  • Incident Response Plan
  • Security Awareness Training
  • Phishing campaigns

Recover

  • Business Continuity
  • Restore Systems
  • Recovery Planning
  • Communication Plans
WordPress Appliance - Powered by TurnKey Linux