Episode Details

Back to Episodes
The CoSN Webinar Series: We Survived a Cyber Incident: From Readiness to Recovery

The CoSN Webinar Series: We Survived a Cyber Incident: From Readiness to Recovery

Published 6 months, 3 weeks ago
Description

This story has a happy ending. In January 2024, the “not if but when” happened to us. We’d been cyber-attacked, and the bad guys were in the house.


Presenters:

Luke Allpress, CETL, MEd

Director of Innovative Solutions

Agua Fria Union High School District

Avondale, AZ


Brandon Gabel

Director of Information Technology

Agua Fria Union High School District

Avondale, AZ


It started off with a fairly normal outage. Internal sites were stuck, and printing stopped working. We halted all network traffic as we methodically checked possibilities: power, hardware, network servers/services. Then, our Manager of Network and Security found it—a service account doing way more than it should.

He immediately initiated a quarantine, isolating all network traffic, “locking the bad guys in the house” as we began our investigation. The two aims of a cyber threat actor, 1) exfiltrate data, 2) lock us out for ransom, were both mitigated by his quick, informed action. We survived with little loss to operations and no data loss, thanks to our plan. Come hear about the preparation and lessons learned from our first cyber incident.


Key Take Aways:

  • We shape our workshops through Adult Learning Theory, emphasizing the expertise participants bring to the session and making ample space to apply new knowledge to existing problems. They will be reflecting on their own security plans and applying our lessons to their own situations.
  • Have a plan (CIRP). The worst time to figure out your cyber security plan is the day you need one. Call your network and insurance partners NOW to discuss your CIRP, not when it happens.
  • The guts: Know your backups and the backup solution/plan, make sure you’re backing up all servers. Audit admin access regularly. Ensure all accounts and devices, that can be, are locked behind MFA.


Slides, templates, etc.

bit.ly/cosn2025cyber


Watch the webinar:

https://www.youtube.com/watch?v=REzmsuKmIkw


The Sessions Everyone Was Talking About Webinar Series

Missed CoSN2025 in Seattle or couldn’t attend every session? Don’t worry—we’re bringing the most popular, standing-room-only presentations to you in a special webinar series. Learn from top EdTech leaders from across the country—no travel needed!


CoSN is vendor neutral and does not endorse products or services. Any mention of a specific solution is for contextual purposes.


For a complete listing of all CoSN's webinars, please visit:⁠⁠ ⁠⁠⁠

⁠⁠⁠⁠⁠⁠⁠https://www.cosn.org/⁠⁠⁠⁠⁠⁠⁠


Produced in partnership with⁠ ⁠⁠⁠⁠⁠⁠edCircuit⁠⁠⁠⁠⁠⁠.⁠

Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us