cybersecurity tips and tools · maximziing collaboration and communication regarding information...
TRANSCRIPT
![Page 1: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/1.jpg)
CYBERSECURITY TIPS AND TOOLSBASIC INCIDENT RESPONSEFrosty WalkerChief Information Security OfficerTexas Education [email protected](512) 463-5095
![Page 2: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/2.jpg)
The Data Security Advisory Committee (DSAC) provides guidance to the Texas education communities, maximizing collaboration and communication regarding information security issues and resources which can be utilized within the educational communities served.
Data Security Advisory Committee
The DSAC is currently comprised of representatives from school districts, ESC’s, TEA and the private sector.
![Page 3: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/3.jpg)
Texas Gateway https://www.texasgateway.org/
Cybersecurity Tips and Tools
![Page 4: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/4.jpg)
![Page 5: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/5.jpg)
• Discovery • Assemble Incident Response Team (potentially led by 3rd party vendor) • Internal Notification • Investigate and Remediate (potentially led by 3rd party vendor) • Contact authorities on a need to know basis • Employ vendors such as forensics, data breach resolution Law and PR
firms as needed (potentially led by 3rd party vendor) • Begin notification process, procure protection services for affected • Notification to affected parties (potentially led by 3rd party vendor
depending on contract terms) • Make public announcement with single point of contact (potentially led by
3rd party vendor depending on contract terms) • Respond to inquiries • Resume business as usual
LIFE CYCLE OF A CYBERSECURITY INCIDENT
![Page 6: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/6.jpg)
Rule # 1 for Incident Response
![Page 7: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/7.jpg)
Have a plan!
![Page 8: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/8.jpg)
Texas DIR Incident Response Team Redbook
Where can I get a plan?
https://www.texasgateway.org/resource/cybersecurity-tips-and-tools
![Page 9: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/9.jpg)
![Page 10: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/10.jpg)
![Page 11: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/11.jpg)
![Page 12: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/12.jpg)
![Page 13: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/13.jpg)
![Page 14: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/14.jpg)
![Page 15: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/15.jpg)
![Page 16: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/16.jpg)
Entity Contact Name Office Email Pesonal Email Phone
TEA
ESC
School Board Members
LegalSuperintendent
Cybersecurity Insurance provider
Principal
Chief Technology Officer
Cybersecurity Coordinator
Communication Escalation
![Page 17: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/17.jpg)
Rule # 2 for Incident Response
![Page 18: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/18.jpg)
Know your plan!
![Page 19: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/19.jpg)
https://www.texasgateway.org/resource/cybersecurity-tips-and-tools
Cybersecurity Tips and Tools –Incident Response, Being Prepared—Session 4
![Page 20: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/20.jpg)
• Record the date and time when the breach was discovered, as well as the current date and time when response efforts begin, i.e. when someone on the response team is alerted to the breach.
• Alert and activate everyone on the response team, including external resources, to begin executing your preparedness plan.
• Secure the premises around the area where the data breach occurred to help preserve evidence.
• Stop additional data loss. Take affected machines offline but do not turn them off or start probing into the computer until your forensics team arrives.
• Document everything known thus far about the breach: Who discovered it, who reported it, to whom was it reported, who else knows about it, what type of breach occurred, what was stolen, how was it stolen, what systems are affected, what devices are missing, etc.
FIRST 24 HOUR CHECK LIST
![Page 21: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/21.jpg)
• Interview those involved in discovering the breach and anyone else who may know about it. Document your investigation.
• Review protocols regarding disseminating information about the breach for everyone involved in this early stage.
• Assess priorities and risks based on what you know about the breach. • Bring in your forensics firm to begin an in-depth investigation. • Notify law enforcement, if needed, after consulting with legal counsel
and upper management.
FIRST 24 HOUR CHECK LIST(continued )
![Page 22: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/22.jpg)
• Alert Notifications
• Issue Investigation - Internal
• Findings Communications – Internal
• Remediation Communications -Internal
• Third Party Communications
• Leadership Communications – Internal
• Media Communications
• Breach Notification
Communications to Consider
![Page 23: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/23.jpg)
Cybersecurity Tips and Tools – Crisis Communication during a Cybersecurity Incident – Session 10
https://www.texasgateway.org/resource/cybersecurity-tips-and-tools
![Page 24: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/24.jpg)
Rule # 3 for Incident Response
![Page 25: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/25.jpg)
Practice your plan!
![Page 26: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/26.jpg)
https://www.texasgateway.org/resource/cybersecurity-tips-and-tools
Step by Step Playbook for a two-day exercise with Gap Analysis questionsTwo simple exercises included on Texas Gateway portal
Cybersecurity Tips and Tools –Practice, Practice, Practice –Session 11
![Page 27: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/27.jpg)
HB3834 Update
![Page 28: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/28.jpg)
https://dir.texas.gov/View-About-DIR/Information-Security/Pages/Content.aspx?id=154#list
Security Awareness Training Certification (HB 3834)
This site will be updated weekly.
![Page 29: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/29.jpg)
Training Program Name Training Program ProviderAlterity Cybersecurity Awareness Program Alterity Solution, Inc.Security Awareness CapgeminiSecurity Awareness Training Encore Support Systems, LPSecurity Awareness Essentials Challenge Global Learning SystemsSecurity First Solutions - Elite Inspired eLearning LLCKnowBe4 Security Awareness Training KnowBe4Cyber Awareness LeaderQuest Holdings, IncLinkedin Learning Cyber Security Courses LinkedIn CorporationTexas Association of Counties Cybersecurity Awareness Training MediaPRO
ThreatAdvice Cyber-Security Education NXTsoft Cyber Security SolutionsOptiv - Security Awareness Circuit Training Optiv SecurityOptiv - CyberBOT Optiv SecurityOptiv - Rapid Awareness Optiv SecurityCJIS Security Awareness Training Peak Performance SolutionsTX-3834 SANS Security Awareness Program SANS InstituteSCAN13 Training Program SCAN13Information Security: How To Recognize, Respond, and Prevent Threats to Your Data Strategic Government Resources
Syntient Security Awareness Program Syntient Systems, LLC.PII Protect Technology Assets, LLC. DBA, Global Asset
Vendor Training Programs
![Page 30: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/30.jpg)
Training Program Name Training Program ProviderCybersecurity Awareness Training for Educators ESC 16) Education Agency, TexasCISD Cyber Security Awareness Training Canyon ISDSecurity and Accessibility Awareness Training Coordinating Board, Higher Education3001: Information Security Awareness Texas A&M University System AdministrationInformation Security Basics Texas Engineering Extension Service (A&M)Cybersecurity Awareness Training Texas Tech UniversityCybersecurity Awareness Training Texas Tech University SystemCybersecurity Awareness at TWC Texas Workforce CommissionCybersecurity at TxDOT Transportation, Department of
Secure Our Systems
University of Houston, University of Houston -Clear Lake, University of Houston - Downtown, University of Houston - Victoria, University of Houston System Administration
SCT100 FY 2019-2020 Information Security Compliance University of Texas at San AntonioFY2020 Information Security Training University of Texas Southwestern Medical Center
In-House Approved Training Programs
![Page 31: CYBERSECURITY TIPS AND TOOLS · maximziing collaboration and communication regarding information security issues and resources which can be utzilied within the educational communtiesi](https://reader034.vdocuments.site/reader034/viewer/2022042304/5ecf176971cd98658b24fbc9/html5/thumbnails/31.jpg)
Questions?