Cyber Security

Ohio Department of Education Cyber Security Resources

Ohio Department of Education

Mission

The Ohio Department of Education Cyber Security Steering Committee will improve upon the information security posture of all School Districts in Ohio, raising their programs to a common level, developing technically-skilled professionals and leaders within the School Districts and Information Technology Centers who strengthen information security through innovative and flexible approaches to implementation.

Vision

The Ohio Education Computer Network is a secure, highly available computing environment, designed for the purpose of storing and processing sensitive student information, backed by a nation-leading information security program.

Multi-State Information Sharing and Analysis Center (MS-ISAC) Cyber Alert Level

The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation’s state, local, tribal and territorial governments through focused cyber threat prevention, protection, response, and recovery.

Cyber Attacks Occur Everyday

Cyber attacks against K-12 schools are a common occurrence. This interactive map is a record of incidents reported since 2016.
Map and data provided by The K-12 Cybersecurity Resource Center

Security Functions Chart

An Information Security Program is a combination of many processes, procedures, and tools that work together to protect the critical assets of an organization.  This chart is a visual representation of many of those functions.  Ideally, an organization should be able to identify a tool, vendor, or partner relationship that addresses each of these functions.

Security Function Chart
Click to Enlarge

Activities to Develop Your Security Program

Identify

  • Asset Management
    • Inventory of systems
  • Account Management
    • Strong Passwords

Protect

  • Remote Access
  • Multi-factor Authentication
  • Network segmentation
  • Endpoint Protection
  • System Backups
  • Patching / Maintenance

Detect

  • Vulnerability Scanning
  • Intrusion detection / Prevention
  • SIEM (Security Information Event Management)

Respond

  • Incident Response Plan
  • Security Awareness Training
  • Phishing campaigns

Recover

  • Business Continuity
  • Restore Systems
  • Recovery Planning
  • Communication Plans
WordPress Appliance - Powered by TurnKey Linux