Cybersecurity Crisis Response Groups: How They Can Keep your District Secure
A cyber crisis can happen at any time, even with the best cybersecurity policies and protections in place. All it takes is one wrong click or one misplaced password and your school’s networks, servers, and other mission critical data can become exposed.
In the event of a cyber incident, who ya gonna call? Unfortunately, the Ghostbusters can’t help you here. But your friends and peers sure can.
Duane Shaffer knows that fact better than most. While with Morrison CUSD 6, Duane started a cyber crisis response group to help nearby school districts prepare for and bounce back from a cyber incident.
We sat down with Duane to discuss his experiences, and highlight why every K-12 district should take part in a cyber crisis response group:
What is a cyber crisis response group?
What do they do?
Duane Shaffer: Essentially, a cyber crisis response group is a local/regional team of IT professionals that coordinate resources for managing a cyber incident.
Typically, these groups consist of members with wide-ranging expertise, from cybersecurity and data privacy to networking, data backup/recovery, and more. Together, those experts work to ensure that no single member has to fight a cyber battle on their own or go through the recovery and rebuilding process alone.
What role can a K-12 cyber crisis response group play
in the event of a cyber attack?
Duane: Let’s say a district finds itself in the middle of a cyber attack, but can’t uncover the attack’s source. As a member of a crisis response group, they can get on the phone with a fellow group member or members and work through strategies for stabilizing the situation – kind of like a 911 operator.
These groups aren’t just an asset in the middle of a crisis. In the wake of a data breach, for example, crisis response group members can collaborate to help a member’s district rebuild their network, set up a new DNS or configure a new domain.
Whatever a district needs to get back up and running digitally, a well-oiled crisis response group can ensure it happens without any further risk or delay.
For K-12 IT teams, what are some of the benefits
of participating in a cyber crisis response group?
Duane: Anyone who has spent time in the K-12 IT sphere knows first hand how unique it is compared to the private sector. The stakes are rising, the priorities are different, and quite often, you find that many smaller districts only have one IT staff member.
All of that and more makes dealing with a cyber crisis a much bigger job for K-12 tech teams. Having a network of people to go to in those situations – all of whom understand where you’re coming from and have experience working in your world – is invaluable.
Read LevelEDup for More
Want to read more of this interview, including Duane’s tips for starting your own cybersecurity crisis response group?
Read the Spring issue of LevelEDup magazine, the LTC’s quarterly digest of the marquee news, topics, and trends from the edtech world and Illinois’ robust edtech community. Each issue is FREE and comes packed with resources and insights geared toward every edtech role, including IT staff, K-12 teachers, coaches, and district leaders.
Subscribe to LevelEDup today to get each new issue sent directly to your inbox on the day it publishes.
Duane Shaffer is currently the Network and Information Technology Specialist for the LTC.