At the Office of Digital Teaching and Learning we serve in a consultive role and strive to connect our local education agencies with security resources. On this webpage you will find a variety of resources for your security needs.
The State of Arizona currently has a program that provides cyber resources to local and tribal government entities in Arizona. Starting in July 2022, the State of Arizona is seeking to expand their support to also cover K12 public districts in Arizona, at no cost for the schools! The included resources are:
Anti-Phishing / Security Awareness Training (SAT)
Advanced Endpoint Protection (AEP)
Multi-Factor Authentication (MFA)
Web Application Firewall (WAF)
Converged Endpoint Management (XEM)
We are looking to capture your interest in participating in this upcoming program. Priority will be given to smaller and less-resourced organizations in the order of when requests are received. For school districts that wish to participate in the grant program, please complete the Arizona Local & Tribal Governments Cyber Readiness Program Participation Request Form.
* Note: this program is managed by the Arizona Department of Homeland Security.
The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector - specifically K12 - with ransomeware attacks. Technical details and mitigation measures are provided.
The K-12 Cyber Incident Map is a great tool that can help your LEA stay up to date with the latest cyber security information in your area. This map is an interactive visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present. ‘Cyber’ incidents include:
unauthorized disclosures, breaches or hacks resulting in the disclosure of personal data (purple pins);
ransomware attacks (yellow pins);
phishing attacks resulting in the disclosure of personal data (blue pins);
denial-of-service attacks (green pins); and
other cyber incidents resulting in school disruptions and unauthorized disclosures (red pins).
The Cybersecurity and Infrastructure Security Agency (CISA) announced this week it has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community.
CISA also strongly recommends organizations take the following foundational measures:
CISA encourages network defenders to take the steps above and consult the list of free cybersecurity services and tools to reduce the likelihood of a damaging cyber incident, detect malicious activity, respond to confirmed incidents, and strengthen resilience. As a reminder, CISA encourages all organizations to review our new Shields Up webpage to find recommended actions on protecting their most critical assets.
We know cybersecurity can be alot to tackle so we have resources to help you get started! For a cyber readiess esentials starter kit click the button below
CISA Best Practices: This site is getting a lot of traffic lately and provides some great, high-level tips on what entities should be doing to protect themselves and their most critical assets, especially in the face of increased threats from Russia.
IT and Security Policy Templates: this site contains all of the State IT and Security policies. The Information Security policies start with section P8000: Information Security, and templated versions of each document are provided. Each policy is separated out by each type of security control so entities can filter.
K12 Six: a non-profit membership group that has free resources available designed specifically for K12 schools.
Essential protections – In cybersecurity, there will always be issues. These outlined essential protections will help schools avoid incidents. Take the time to read this!
In this workshop, Arizona LEAs will be trained in the foundations of student data privacy and accessibility and how to utilize a rubric to vet applications. Other criteria for vetting applications will be incorporated into the training including the following: interoperability with existing applications, teacher and student ease of use, and instructional relevance and purpose. Using the TrustEd Apps Management Suite (TAMS) from 1EdTech, the Arizona LEAs will collaborate on the best practices for sharing the use of digital learning tools and resources with other educators in their schools and districts and will learn strategies for providing professional development in digital learning for their colleagues.