Providing Advanced Persistent Protection for Cybersecurity

Wannacry. Heartbleed. Sasser. These are just some of the worldwide cyberattacks that have made it increasingly obvious to those of us working as technical professionals in the K-12 education sector. What can the information technology professional do to secure our school systems’ information infrastructure?
 
This seven-week facilitated online course will help IT staff learn the fundamentals of IT security and improve their understanding of enterprise security issues.  The content is comprised of three modules – 1) Network Security, 2) Risks and Controls, and 3) Vulnerabilities and Mitigation. 
 
9 CEA credits toward CETL® recertification.

Course Facilitator

Amy McLaughlin has twenty+ years’ experience building, implementing, and securing information systems in K-12, higher education and government sectors. She is currently the Project Director of CoSN's Cybersecurity and Smart Education Networks by Design (SEND) initiatives and has 15+ years' of Chief Information Security Officer/Technology Director experience. As a CISO, she has been responsible for protecting data covered by a broad range of federal and state regulations including HIPAA, FERPA, and IRS 1075. Amy has a strong interest in the intersection of technology, information security, psychology, privacy and civil rights. She has served as the State of Oregon E-Rate coordinator, led the development of Oregon's K12 data policies to support gender non-conforming students, and participated in the drafting of the Oregon Identity Theft Protection Act.   

2020 Spring Facilitated Course Syllabus
Class time is 3:00 – 4:00 PM EST

Registration is closed. Please check back for information on a summer class soon! 

March 25, 2020

  • Welcome & Introductions
  • Network Security
    • The OSI Model
    • The Basics
    • Elements of a Secure Network
      • Firewall, Proxy, Router, Switch, Load Balancer
      • Security Web Gateway, IDS & IPS, Spam Filter, VPN, Sniffer

April 1, 2020

  • Network Security (cont.)
    • Seven Domains of IT Infrastructure
    • Network Risk Types
    • Network Security Principals
    • Firewalls
    • Network Access Control
    • WiFi Security

April 8, 2020

  • Risk & Controls
    • Basic Security Principals
    • Controls
    • Inventory Devices & Software
    • Configurations
    • Vulnerability Assessment
    • Admin Privileges
    • .... the rest.

April 15, 2020

  • Risk & Controls (cont.)
  • Risk Assessment
  • Integration and Privacy
  • RTO & RPO

April 22, 2020

  • Vulnerability & Mitigation
    • Responding to Incidents
    • Securing the Human
    • The Way In
    • Social Engineering

April 29, 2020

  • Vulnerability & Mitigation
  • System Logs
  • Hardening Systems and Networks
  • Assessment and Scanners
  • The Boxes

May 6, 2020

  • Course Review
  • Participant Action Plan Presentations