Those responsible for cybersecurity in our districts spend a great deal of time empowering our users with security knowledge and awareness. Yet, we often don’t allow ourselves to focus on our learning.  As IT leaders, we oversee an incredibly complex, data-rich network under constant attack. We must carve out time to learn and grow ourselves to perform our jobs well!

Technology and especially cybersecurity are changing at light speed.  We can’t possibly know everything. However, some resources can help us learn and grow in our cybersecurity knowledge. One of the things that I’ve learned is that for all the massive complexities of the technical side of cybersecurity, one of the most critical areas to focus on is the human, organizational, and procedural side.

My career in the technology field began in 1977;  I realize I am a relic of sorts! That said, it’s never too late to learn and grow, so in 2018 I enrolled in CoSN’s “Advanced Persistent Prevention: Cybersecurity in K-12 Education” course. Indeed, as Director of Technology & Information Services, responsibility for cybersecurity fell squarely on my plate, but I had little formal training in that realm. So this was a fantastic opportunity and experience for me. Amy McLaughlin is a master educator with vast knowledge and experience. The CoSN class Amy facilitated opened my eyes to what cybersecurity is truly about and where our focus needs to be. Spoiler alert: Cybersecurity is much more of a human problem than a technical one!

With my newfound knowledge and confidence from Amy and that CoSN class, while never being one to pursue certifications, I began to study for the Certified Information Security Manager (CISM) certification. The CISM seemed ideally suited to me and my leadership role. That learning experience was fantastic and further broadened my understanding of cybersecurity and the critical relationships between organizational leadership, policies, procedure, and the management of risk.

On a roll, I enrolled in FRSecure’s free CISSP mentoring program, simply intending to “listen in” and maybe pick up a few things, never thinking I could become a Certified Information Systems Security Professional (CISSP). Well, long story short, I was hooked and earned my CISSP. And add to that several other great CoSN cybersecurity workshops I had the good fortune to attend along the way. My learning continues!

I told you my story to help illustrate that even for an old dog like me, there are so many avenues to help you grow your cybersecurity knowledge. Most of them don’t take a tremendous investment in time and resources, yet their return on investment is enormous.

I can’t emphasize enough that cybersecurity is not just about firewall rules and cryptography. It’s primarily about setting up organizational structures and processes and ensuring that your organization’s critical assets and associated risks are identified, prioritized, protected, and managed; the human stuff. The professional development I’ve experienced and the great relationships I’ve built during those opportunities have been instrumental in realizing and applying these truths. Change does not happen overnight, and we are well on our way to having the right people involved and the right processes in place to manage our risks in the best possible manner. It’s a constant work in progress, and you are not on this journey alone!

CoSN, specifically, CoSN’s Cybersecurity Initiative, is committed to bringing their members relevant, current, and actionable information about cybersecurity, paired with powerful learning experiences and resources. https://www.cosn.org/edtech-topics/cybersecurity/

 

Please check out these upcoming CoSN professional development resources:

 

Rod Russeau, CISSP, CISM, CETL, CDPSE
Chairperson, CoSN Cybersecurity Initiative
Director, Technology & Information Services
Community High School District 99, Downers Grove, IL