Search
Member Login

Network Security, Awareness, and Training

One of the biggest causes of data breaches is human error. The actions of users, both intentionally and unintentionally, can cause incidents of mishandling sensitive data, whether it be opening an infected email attachment, using weak passwords, losing a laptop or other portable device, or simply sending an email with sensitive data to the wrong person. Providing an effective security awareness training program for employees can help minimize breaches and cyber-attacks, which can be costly to schools and disruptive to student learning.

The Wisconsin Department of Public Instruction, in following NNT’s CIS Controls, has some recommendations for school and district leaders in addressing the human side of data security.

First, keep in mind the different cybersecurity risks that affect each level of employee. For example, district administrators handle certain sensitive data, system administrators control access to systems and applications, and users such as teaching staff, human resources, and finance handle different types of sensitive data making them potential targets. Make sure the security awareness and skills training provided contains role-specific guidance.

Second, when developing the training, it should address network security risks and provide the skills necessary to reduce cybersecurity risks. An effective training program includes an annual training session, coupled with frequent, topical messages about security plus phishing tests. Some messages could center around topics like strong password usage coinciding with the start of the school year as accounts are being established or phishing scams coupled with a recent news article about school data breaches.

Finally, regularly update training materials. This will increase the culture of a security within a school or district.

If trained properly, your employees will be able to identify potential security breaches and can be another line of defense when it comes to cybersecurity and keeping your staff and students’ data secure.

For more information, please contact Ed Snow with the DPI’s Instructional Technology Services Team or visit https://dpi.wi.gov/cyber-security for resources and cyber/data announcements.