Heroes at Work is a three-part series featuring excerpts from conversations with the grand prize winners of the 2021 eSchool Media K-12 Hero Awards program, sponsored by Trox.
Here, eSchool News highlights Florida’s Brevard Public Schools–one of three K-12 Hero Awards winners. Keep reading this interview with Barrett Puschus, Director of Information Technology for Brevard Public Schools, to discover how the district navigated a cybersecurity attack and keeps learning going in the middle of a global pandemic.
eSN: It’s pretty brave of you to talk about cybersecurity practices. Not a lot of districts will. How did the break-in go down?
BP: As far as talking about it, I believe we can’t succeed in isolation and we shouldn’t fail in isolation. So this is kind of a tale of both. We were notified of the event and we jumped on it and we kicked him out. We got him out before the ransom happened, but it really opened our eyes to our vulnerability—how easy it was for them to get in.
They didn’t exploit some zero-day issue on one of our external servers. They didn’t have any clever IP attack or anything like that. They just sent an attachment to somebody in accounts receivable, they opened it, and our virus blocked it. So she replied to the email and said, “Hey, it didn’t work.” So he tried to change up and the change-up got through.
They were in our system for probably 45-60 days before we knew anything. Thankfully we found out about it and got them out ahead of time. We weren’t one of the stories where we were ransomed and had to restore from backups or anything like that. Thank goodness.
eSN: So when it comes to network protection, it is as much about the human side as it is the techy side?
BP: So that’s tough, especially as I said, we’ve got a small group, so tools like PDQ help us handle the algorithm side. We can keep things patched. We can query to see what versions we’re running—all the boring stuff. I call it the nerd stuff, the stuff that’ll put most people to sleep.
And we’re a big organization. I think we’re right around 10,000 employees. And any organization that has 10,000 employees has turnover. So keeping employees trained is a constant task, just keeping everybody aware. We’ve expanded password requirements. We’re doing multifactor authentication across the board. Everybody from a teacher to a district-wide administrator is using multifactor. We’re launching phishing simulations. And that’s kind of fun. You get to put on your black hoodie and then you design up a quick little phish scenario and toss it out to a group of people and see if you can fool people.
We use a combination of software and scripting and people just to try to keep an eye on things. But my core group at the network level is very small. It’s a dozen people. And, as such, we all wear a lot of hats. It’s a very agile group—I don’t have one person that’s in charge of servers and one person that’s in charge of the firewall—everyone does everything. So when it was time to act, we were able to get everybody moving pretty quickly.
eSN: What advice would you give to a district embarking on defending itself against cyberattack?
BP: I would say, you’ve got to budget your time, just like you would budget your dollars. You’ve got to look at your time and say, you know, what’s important. Yes, putting out the fires is important, but you have to have time to be proactive, to analyze your security posture, and to continuously try to improve it. It doesn’t have to be weeks and weeks at a time. It can be two hours every third Friday. But it’s something you’ve got to do, because if it’s not in the front of your mind, how can it be in the front of everyone else’s mind or even on their mind at all?