NCDPI K-12 Cybersecurity Program
Announcements
- Cybersecurity Pilot Program
- The Federal Communications Commission (FCC) launched the Schools and Libraries Cybersecurity Pilot Program to gather the data needed to better understand whether and how universal service funds could be used to support the cybersecurity needs of schools and libraries.
- To learn more about the Pilot Program, sign up for the mailing list or visit the Pilot Program’s website.
- NCDPI K-12 Cybersecurity Webinar Series
- Unveiling the Power of Open Source Intelligence (OSINT)
- In this webinar, the NCDPI K-12 Cybersecurity Program team will explore the fascinating world of Open-Source Intelligence (OSINT) and its relevance in the K-12 education landscape. This session will focus on what OSINT is, its significance in the digital age, the types of information that can be obtained through OSINT, and demonstrate some real-world examples showcasing how OSINT can be applied in educational settings.
- July 10th, 1 pm
- Register Here
- In this webinar, the NCDPI K-12 Cybersecurity Program team will explore the fascinating world of Open-Source Intelligence (OSINT) and its relevance in the K-12 education landscape. This session will focus on what OSINT is, its significance in the digital age, the types of information that can be obtained through OSINT, and demonstrate some real-world examples showcasing how OSINT can be applied in educational settings.
- Unveiling the Power of Open Source Intelligence (OSINT)
- New Free CISA/NICCS Cybersecurity Resources!
- Congratulations to Cabarrus County School District for becoming the first North Carolina district to be awarded the full CoSN Trusted Learning Environment (TLE) Seal for data-privacy practices!
- For more information on how to achieve the CoSN TLE Seal, visit NCDPI’s Digital Learning Initiative Support page
Overview
In 2021, NCDPI established the K-12 Cybersecurity Program with a purpose of organizing and aligning business and technical cybersecurity functions holistically across the state so that PSU and NCDPI stakeholders have greater visibility into the people, processes, and technologies deployed and have a measurable way to determine whether those efforts are sufficient and correct for current and future needs.
The goal is to help all PSUs achieve essential cyber hygiene!
PSUs can find more details about the premium current services and resources provided by the program below AT NO COST to the PSUs
- Security Awareness and Skills Training (KnowBe4)
- Email and Web Browser Protection (Zscaler)
- Network Infrastructure Management (Palo Alto)
- Malware Defenses (CrowdStrike)
- Continuous Vulnerability Management (I) (Kenna Security)
- Continuous Vulnerability Management (II) (EdgeGuard)
- Continuous Vulnerability Management – Shodan
- Continuous Vulnerability Management – Dark Web Monitoring
- Inventory and Control of Enterprise Assets (runZero)
- Account and Access Control Management (RapidIdentity)
- Network Monitoring and Defense
- Incident Response Management
- Service Provider Management
- Network and Cybersecurity Consulting
In addition, the K-12 Cybersecurity Program has several partners with related services and resources available to the PSU community:
- NCLGISA IT Strike Team – The IT Strike Team is a group of NCLGISA members that volunteer their time and talents to help out in times of need. The Strike Team has partnered with NC Emergency Management to provide IT support where needed in time of disaster but is also available to any NCLGISA member who needs more resources to address emergency issues.
- North Carolina National Guard – The North Carolina National Guard CSRF mission is to conduct defensive cyberspace operations to support mission requirements as directed by The Adjutant General or Governor. Specifically for North Carolina, the CSRF provides cyber security assistance to State, Local, and Critical Infrastructure providers.
- NCDPI NC Digital Learning Plan – Framework for growth and continuous improvement in the area of Digital Teaching and Learning for NCDPI, public school units and schools across the state. View data, action steps and metrics for the state’s Digital Learning Initiative.
Management
The K-12 Cybersecurity Program is composed of cross-functional heterogeneous teams to work on tasks and deliverables of the projects. These teams will adapt and evolve over time, but identifying key members will be extremely important to getting the project started with good momentum. The teams should include representatives from all organizations that will interface with the Cybersecurity Program.
- Cybersecurity Executive Committee (CEC)
- The purpose of the executive committee is to provide the priority and policy advisory for the project and ensure the alignment of state agency and legislative requirements.
- The purpose of the executive committee is to provide the priority and policy advisory for the project and ensure the alignment of state agency and legislative requirements.
- Cybersecurity Core Teams (CCT)
- The core set of teams and organizations that collectively work together as part of the NCDPI K-12 Cybersecurity Program in providing the umbrella of cybersecurity services and resources for the PSUs
NCDPI, Friday Institute, MCNC, NCJCTF, NCDIT
- The core set of teams and organizations that collectively work together as part of the NCDPI K-12 Cybersecurity Program in providing the umbrella of cybersecurity services and resources for the PSUs
- Cybersecurity Advisory Council (CAC)
- The CAC consists of PSU cybersecurity leaders who meet monthly to discuss relevant threats, updates, and innovations. Overall focusing on supporting PSUs and NCDPI in improving the K-12 cybersecurity posture.
Key Program Contact
NCDPI K-12 Cybersecurity Team
k12cybersecteam@dpi.nc.gov
Strategy
There are several well known and respected frameworks available to be used as reference when designing organizational cybersecurity systems. Since the inception of the K-12 Cybersecurity Program, NCDPI has leveraged several of these standard frameworks as a guide for specific and actionable ways to thwart the most common attacks, with the goal of supporting PSUs to align with several of these standards and recommendations. Currently, the most critical frameworks referenced are:
- Center for Internet Security (CIS) Critical Security Controls
- National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
- National Institute of Standards and Technology (NIST) 800-53
For more information regarding these recommended guidelines, please visit the Strategy Goals and Alignments page.
Key Program Outreach and Engagements
- NCLGISA Fall 2023 Symposium – Strengthening PSU Incident Response
- Digital Leaders Exchange – Data Privacy and Cybersecurity, September 2023
- Northeast Technician Training, July 27, 2023
- NCDPI K-12 Cybersecurity Program – PSU Cybersecurity Startup Guide
- New Charter School Leadership Institute, June 8, 2023 Presentation
- NCLGISA 2023 Spring Symposium May 24, 2023 Presentation
- NCDPI K-12 Cybersecurity Program (March 2023)
- NCTIES 2023 – Re|Connect Cybersecurity Updates (March 2023)
- NCTIES 2023 – Data Privacy, Cybersecurity, and People Awareness and Skills Training for PSUs (March 2023)
- CoSN 2023 – Developing Statewide Cybersecurity Programs – North Carolina and Indiana (March 2023)