“We need to act. Now.” 4 Takeaways from SecurED Schools 2025

13 Feb 2025
Duane Shaffer
Director of Technology Services, Learning Technology Center
Eric Muckensturm
IT Strategy Manager, Cybersecurity, Learning Technology Center
Sam Fishel
Digital Content Manager, Learning Technology Center

Cybersecurity resilience starts with actionable insights, and at January’s SecurED Schools, those insights were the center of a statewide conversation on keeping K-12 learning environments safe and productive. With over 230 virtual attendees, this year’s program emphasized preparedness – both now and as new cyber threats take aim at educational institutions.

Now in its sixth year, this annual LTC-hosted conference brings together local and national voices from cybersecurity’s public and private sectors. Each session focuses on sharing practical resources and experiences about auditing, data privacy, threat detection, and more.

No matter which sessions you attended, your district’s cybersecurity next steps should now be coming into focus. For those who couldn’t make it, these are my four big takeaways from SecurED Schools 2025:

Takeaway 1

Use your (Free) Resources

A fully-fledged cybersecurity plan can cost a pretty penny. But you don’t need to break the bank (or your limited budget) to give your school or district a defensive leg up.

Tony Collings’ keynote highlighted an armful of free services K-12 tech teams can reach for while evaluating their cyber defenses. These no-cost resources all come compliments of CISA, which remains focused on helping schools protect against, respond to, and recover from digital emergencies:

Vulnerability Scans

CISA’s Cyber Hygiene service scans internet-facing systems for weak configurations and known vulnerabilities.

Requesting a free scan is easy. Simply email vulnerability@cisa.dhs.gov with the subject line, “Requesting Cyber Hygiene Services”.

Tabletop Exercise Packages

These packages include exercise objectives, scenarios, and discussion questions – all designed to initiate discussions about your organization’s ability to address anticipated threats. Available scenarios include physical security and cybersecurity topics relevant to K-12 schools, including ransomware, insider threats, and phishing.

These tabletop exercises aren’t just for tech teams. All school stakeholders are invited to observe and take part in discussions, ensuring all decision-makers are on the same page if a genuine incident occurs.

Security Evaluation Tool

CISA’s Cyber Security Evaluation Tool (CSET) is desktop software that walks users through a step-by-step network security evaluation process. This repeatable process is a reliable way to implement routine network monitoring as well as maintain baseline compliance with industry standards (essential if your district maintains cybersecurity insurance).

Takeaway 2

Don’t Reinvent the Wheel

Fortifying your school’s digital defenses doesn’t mean starting from scratch. This year’s speakers shared two frameworks you can utilize while selecting cybersecurity controls and developing an incident response plan:

Reasonable Security Practices

Compiled by the LTC, this free resource highlights 48 recommended controls for account management, network infrastructure, email security, and more in K-12 schools.

When implemented, these controls also help Illinois schools comply with the state’s Student Online Personal Protection Act (SOPPA).

Incident Response Policy Template for CIS Control 17

When it’s time to draft information security policies, this free resource offers a jumping off point that schools can use to shape incident response plans. It features specific, high-level steps stakeholders should consider while developing their plans, including how they’ll detect threats and update policies in the wake of an incident.

Takeaway 3

Claim your Seat at the Table

Despite their wealth of insights, K-12 tech teams are too often left out of key conversations concerning instructional and information technology. That omission can put tech teams in a bind down the road, especially when issues arise that their input may have anticipated.

During their afternoon session, “The Room Where it Happens”, the K12 Tech Talk podcast team discussed the growing need for tech teams at the leadership table. While pushing for more advocacy, they also spotlighted several strategies for ensuring cybersecurity, data privacy, and interoperability concerns are heard, including by:

  • Demonstrating value through proactive planning
  • Debriefing topics in non-technical language
  • Focusing on prevention
  • Reflecting on perceptions of IT role

Takeaway 4

Urgency is an Imperative

No matter the topic, every SecurED Schools speaker made one point abundantly clear: there’s no time to waste when it comes to cybersecurity. K-12 leaders need to act with urgency to keep up with known malicious actions and stay ahead of emerging threats, such as the AI-powered malware engine GhostGPT.

This is doubly true for institutions that have been slow to adopt comprehensive cybersecurity controls. My colleague Eric Muckensturm said it best:

“This may be a hard truth or a tough pill to swallow. But cybersecurity has been a buzzword for years now and we should no longer be in the beginning stages of our cyber journey. We need to act. Now.”

Continuing the Conversation

While there was plenty to talk about during SecurED Schools, it wasn’t the end of the conversation around protecting K-12 networks and data. Join your peers this summer at SummIT, a live, collaborative conference focused on all things K-12 tech – from cybersecurity and data privacy to network planning and hardware management.

This two-day event hosted at the University of Illinois’ Campus Instructional Facility will feature workshops, panels, and roundtables led by K-12 tech leaders and trusted technology partners. Between sessions, you’ll have ample opportunities to connect with peers and form the trusted networks you can rely on while planning an upgrade or responding to a cyber incident.

Now Available

Session Recordings and Resources

If you missed a session or forgot to grab a presenter’s resource, no sweat. 100% of presenter resources, slide decks, and session recordings are now available exclusively for registered SecurED Schools attendees.

To access these resources, simply log back into Accelevents, select “SecurED Schools 2025”, and navigate to the “Breakout Sessions” tab. Access to these post-event resources closes on February 28, 2025.

Trouble accessing the conference platform? Contact our team at support@ltcillinois.org.

Duane Shaffer
Director of Technology Services, Learning Technology Center

Duane leads and supports events, programs, and initiatives related to network infrastructure, data privacy, cybersecurity, technical support, and technology services.

Eric Muckensturm
IT Strategy Manager, Cybersecurity, Learning Technology Center

Eric provides a multitude of services to help Illinois public school districts improve their overall security posture and maturity, including through the implementation of standards, frameworks, and industry best practices.

Sam Fishel
Digital Content Manager, Learning Technology Center

Sam leads and supports the execution and growth of LTC services through the development and creation of innovative, impactful, and timely digital content.