1. Cybersecurity - Strategy, Policy, and Practice:
A K-12 Cross Organizational Imperative
Panel discussion participants:
▪ Dr. Greg Ottinger
▪ Richard Quinones
▪ Lenny Schad
▪ Marlon Shears
Panel moderated by: Dr. Julie A. Evans, CEO, Project Tomorrow

2. Our discussion today:
▪ Let’s get real about the leadership disconnects in K-12 districts
about cybersecurity awareness and preparations
▪ Selected findings from the new Project Tomorrow – iboss
report on K-12 cybersecurity
▪ Experiential insights and wisdom from our panel of district
leaders and national thought leaders
▪ Additional resources for you!

3. Meet our panel of national thought leaders
▪ Dr. Greg Ottinger, former Chief Business Officer, San Diego Unified SD
▪ Richard Quinones, Senior Vice President, Business Development
Strategist/Thought Leadership, iboss
▪ Lenny Schad, Chief Information and Innovation Officer, District
Administration
▪ Marlon Shears, Chief Information Officer/Technology, Fort Worth
Independent SD

4. “Increasing the security posture within a school
district necessitates deliberate education of
executive leadership so that a common cultural
understanding about the importance of
cybersecurity is adopted across the organization.”
District Technology Leader
Addressing the Leadership Disconnects on Cybersecurity

5. 2021 Project Tomorrow – iboss National K-12 Education Cybersecurity Research Study
About the new research study:
o Part of the larger Speak Up Research Project
o Continuation of a focus on cybersecurity issues since 2017
o Impact of pandemic: increased dependence on technology + increased threat
environment required a deeper examination of the current attitudes and actions
o Call for feedback from K-12 district administrators and technology leaders in
January – May 2021
o 599 respondents from a diverse set of schools and districts nationwide
o Longstanding partnership with iboss

6. 2021 Project Tomorrow – iboss National K-12 Education Cybersecurity Research Study
Creating a Common Culture of
Action Around Cybersecurity
Results from the 2021 Project
Tomorrow – iboss National K-12
Education Cybersecurity Report
Pre-release of the new national report: special opportunity for you!
https://tomorrow.org/speakup/pdfs/Creating-a-Common-
Culture-of-Action-Around-Cybersecurity.pdf

7. Many thanks for you continued support!

8. ▪ Internet security and web filtering delivered in the
cloud with the largest cloud offering for schools
▪ The leader in K-12 internet security
▪ Currently securing the largest schools, consortiums
and state networks, including:
▪ Chicago Public Schools
▪ Boston Public Schools
▪ Houston ISD, Dallas ISD, Austin ISD, El Paso ISD,
▪ Connecticut Education Network, Utah Education
Network, etc.
▪ Millions of Windows, Apple and Chromebook devices
Secured
8
Students are the new network perimeter. Mobility,
cloud SaaS application use and exponentially
increasing bandwidth make appliance-based
internet security and web filtering strategies
unsustainable.
A shift to cloud-based internet security is no longer
optional and is a requirement to enable digital
learning in the cloud-first future.
About iboss
Industry Recognized as a Leader
For K-12

9. The Most Trusted Name in EDU Cybersecurity.
Trusted to Secure
Millions of Students
Trusted Partner –
Across the Most
State Contracts
Unsurpassed Scalability
and Innovation
▪ Secure more large schools than
any other EDU focused solution
▪ Proven deployments with over
1 million devices and 40+ Gbps
▪ More integration flexibility than
any other solution
▪ Backed by more patents than
any other EDU focused solution
Copyright © 2021 | iboss. All Rights Reserved.

10. About the Speak Up Research efforts
▪ To learn more about Speak Up
▪ To get a copy of today’s presentation
▪ To get a copy of the new report and
infographic
Please add your name and contact info to
our print sign in sheets or on this online
form.

11. 2021 Project Tomorrow – iboss National K-12 Education Cybersecurity Research Study
Three key insights from the research
1. An effective cybersecurity plan must be rooted in a shared and
realistic sense of concern, responsibility, and accountability
within the district.
2. The new technology dependence in K-12 education demands that
district leaders re-assess their approach to the management of
their technology assets, both human and digital. This has huge
implications for cybersecurity readiness and preparations.
3. Cybersecurity preparation begins with an understanding of the
need to walk the talk with increased funding to support both
readiness and mitigation efforts.

12. Insights from the new national report
1. An effective cybersecurity plan must be rooted in a shared and
realistic sense of concern, responsibility, and accountability
within the district.
We experienced a cyber event almost 2 years
ago that shut us down. As a district we all
went through the process of recovery
together. We have full support of our Cabinet
and Superintendent when it comes to keeping
our network and student data safe.
District Technology Leader

13. Insights from the new national report
1. An effective cybersecurity plan must be rooted in a shared and
realistic sense of concern, responsibility, and accountability
within the district.
What is your current level of concern regarding a potential cyber attack in your district?
13%
39%
46%
21%
44%
22%
Low concern
Moderate concern
High concern
District Administrators Technology Leaders

14. A successful cybersecurity strategy must be cross organizational
Who: All Executives and Board
IT, Operations, Facilities, Finance, Legal, Superintendent, Communications, Board
What: Proactive and Reactive
Planning, Preparation, and Incident Response
How:
Identify risk, communicate the facts, build consensus through partnership
What is job #1 to create an
effective cybersecurity strategy?
Panel discussion

15. Insights from the new national report
2. The new technology dependence in K-12 education demands that
district leaders re-assess their approach to the management of
their technology assets, both human and digital. This has huge
implications for cybersecurity readiness and preparations.
This is what has worked in our district.
Educate: Build awareness in users of their role
in managing risks. Mitigate: Implement robust
systems to protect data and networks.
Investigate: Provide tools to monitor and
determine system breaches.
District Technology Leader

16. Insights from the new national report
2. The new technology dependence in K-12 education demands that
district leaders re-assess their approach to the management of
their technology assets, both human and digital. This has huge
implications for cybersecurity readiness and preparations.
Are IT department staffing levels adequate to support cybersecurity?
Nearly 6 in 10 technology leaders say that their current staffing
for cybersecurity is not adequate to meet the needs of their district
to protect information assets and resources.

17. Need to look in the mirror to evaluate our
current preparation state for effective
cybersecurity
Develop and execute a comprehensive assessment of operational vulnerabilities
Conduct Districtwide Risk Assessment
PEN Testing
Formal Remediation
Strategy/Plan
Financial Forecasting
Staffing
Consult Outside Experts
Legal
Technical
Communication
Board
Superintendent
Cabinet
IT Department
Panel discussion

18. Insights from the new national report
3. Cybersecurity preparation begins with an understanding of the
need to walk the talk with increased funding to support both
readiness and mitigation efforts.
To address these issues, we need sustainability in
the funding for cybersecurity. When budgets are
squeezed, operational costs like cybersecurity are
the first to be hit. Additionally, district leaders need
to enthusiastically embrace and model good
cybersecurity habits and support the technology
leaders in setting expectations for staff. It cannot
just be the technology departments' problem.
District Technology Leader

19. Insights from the new national report
3. Cybersecurity preparation begins with an understanding of the
need to walk the talk with increased funding to support both
readiness and mitigation efforts.
24%
24%
18%
47%
Anticipated budget increase in 2021-22
Anticipated no change in 2021-22 budget
Budget increased in 2020-21
No change in the 2020-21 budget
Do our district budgets for cybersecurity reflect the reality of the situation?

20. How to close the
information and urgency
gap in our district
cybersecurity outlook
Creating a common culture of action around cybersecurity requires a proactive
approach by all leaders
Incident response planning
Cross-organizational cybersecurity committees
Training - IT and all district employees
Consistent transparency and communications
Education of the executive leadership
Commitment to “walk the talk”
Panel discussion

21. National Call to Action for Greater
Awareness and Action on K-12 Cybersecurity
To develop a common language and shared cross-organizational
culture within districts:
1. Why should cybersecurity be a district wide imperative?
2. How do build a shared culture around cybersecurity?
3. What are the best practices to support a healthy cybersecurity
posture within our districts?

22. National Call to Action for Greater
Awareness and Action on K-12 Cybersecurity
Planned activities for 2022 (more to follow):
▪ Discussions, sessions and events at several national conferences
▪ Thought leader articles and blog posts in key publications
▪ Direct support for K-12 district leadership teams
▪ Recommendations on best practices
▪ 2nd annual Project Tomorrow – iboss National K-12 Education
Cybersecurity Research Study (February – May 2022)

23. Speak Up reports, infographics, briefings and data
insights for schools and districts www.tomorrow.org
https://tomorrow.org/speakup/pdfs/Creating-a-Common-
Culture-of-Action-Around-Cybersecurity.pdf

24. iboss Online K-12 Streaming Resources
www.gotostage.com/channel/ibossEDU
Boston Public Schools
Early data/analytics allowed BPS to
identify and locate missing students
Carlsbad Unified School District
Leveraged Chromebook posture to advance
1:1 student learning across all grade levels
Lexington School District
Implemented CIPA compliant device take home
initiatives to leverage a direct to cloud security strategy
Charleston County Schools
Modernized IT Infrastructure to support mobile devices
District Exchange Webinar Series

25. About the Speak Up Research efforts
▪ To learn more about Speak Up
▪ To get a copy of today’s presentation
▪ To get a copy of the new report and
infographic
Please add your name and contact info to
our print sign in sheets or on this online
form.

26. Thank you for joining us today!
Let’s continue this conversation.
▪ Dr. Julie A. Evans, Chief Executive Officer, Project Tomorrow
▪ Dr. Greg Ottinger, former Chief Business Officer, San Diego Unified SD
▪ Richard Quinones, Senior Vice President, Business Development
Strategist/Thought Leadership, iboss
▪ Lenny Schad, Chief Information and Innovation Officer, District
Administration
▪ Marlon Shears, Chief Information Officer/Technology, Fort Worth
Independent SD

27. For more information, please contact:
Dr. Julie A. Evans
Chief Executive Officer, Project Tomorrow
@JulieEvans_PT
jevans@tomorrow.org
949-609-4660 voice