CITE Cybersecurity Resources
Cybersecurity
ResourcesDownload Top Considerations
For Cybersecurity InsuranceGovernment & Law
Enforcement ContactsCybersecurity
Glossary
Without a strong cybersecurity program, your organization is vulnerable to data theft, service disruption, and even legal action from parents or affected stakeholders if a data breach occurs. A significant ransomware attack can affect your organization’s reputation for years. The resources below are available to help you prepare for and respond to a serious cyber incident when one occurs.
Resources
Cyber Incident Response Plan (CIRP) Template
A CIRP is required by cyber insurance providers and helps prepare your agency to respond to a serious cyber incident. The CIRP template was created by CITE K-12 technology professionals specifically for K-12 agencies and is maintained by the California County Superintendents’ Technology Services Committee (TSC).
California County Superintendents Cyber Incident Response Plan (CIRP) Template
CIS Controls
The CIS Controls are recommended cybersecurity best practices and defensive actions developed by the Center for Internet Security (CIS). They provide specific and actionable ways to defend against common cyber threats and support compliance with various frameworks. The CIS Controls are a prioritized list of high-priority tasks that organizations can implement to significantly improve their cybersecurity posture.
Download The CIS ControlGuide To Implementation GroupsAbout Implementation Group #1Summary of 18 CIS Critical Security Controls
Multi-Factor Authentication (MFA) Implementation Guide
MFA is the most important security control you can implement, as most cyber attacks are directed towards staff. The attached workbook will help your agency implement MFA if you have not yet implemented it on all staff accounts.
San Diego County Office Of Education - MFA Workbook
CITE’s Data Privacy Service
LEAs use hundreds of apps in the classroom and ensuring that each app is compliant with student data privacy laws is difficult and time consuming. CITE's Privacy Services Program manages your LEA's Data Privacy Agreements (DPA's) and includes a dedicated technician for one-on-one support.
Additional Disaster Recovery Resources
A Disaster Recovery Plan (DRP) is critical to ensure your organization can recover technology services as quickly as possible in the event of a serious cyber incident. If you don’t have a working plan in place, use this template and related disaster recovery resources to create a working Disaster Recovery Plan (DRP). The template was created by CITE members from the County Offices of Education. A Business Continuity Plan (BCP) template is also available.
Cybersecurity: Top Considerations For Cybersecurity Insurance
The following systems and controls should be prioritized above others to ensure your agency is protected from most cyber threats. You should then work on implementing the remaining CIS Controls in Implementation Group 1.
Download Top Considerations For Cybersecurity Insurance
Government & Law Enforcement Cyber Contacts
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
- Membership is free for K-12 agencies. MS-ISAC provides a number of free and low-cost services, including cybersecurity advisory alerts, Malicious Domain Name Blocking and Reporting (MDBR), passive threat notification service, and many others.
- Cybersecurity and Infrastructure Security Agency (CISA)
- CISA provides risk and risk mitigation advice, outreach, assessments, inspections, trainings, and support to government agencies.
- Center for Internet Security (CIS)
- The CIS establishes and maintains cybersecurity best practices, including the CIS Controls and CIS Benchmarks. They are a partner of MS-ISAC.
- California Cybersecurity Integration Center (Cal-CSIC) (Part of California Office of Emergency Services, or Cal-OES)
- Maintains a 24/7 report line that provides no-cost services as well as coordination with cyber insurance incident response services.
- Phone: 833-737-6781 (833-REPORT1)
- Email: calcsic@caloes.ca.gov
- Quick Reference Brochure
- Federal Bureau of Investigation (FBI)
If you experienced a Cyber incident that affected 500 or more staff, students, or stakeholders, you must file a report to Cal-OES.
- Follow the directions included in this Google Doc to file a report with Cal-OES
- Submit a Data Security Breach Notification to the Attorney General’s Office
This guide was created as a resource you can provide to your Board Members, Cabinet members, or other non-technical staff in your agency.
- Implement Multi-Factor Authentication (MFA) for all staff accounts if you have not already.
- Implement the recommendations in the Top Considerations for Cyber Security Insurance document.
- Create a Cyber Incident Response Plan (CIRP).
- Support and encourage an ongoing investment in IT systems and services that will improve the organization's cybersecurity posture and operational resilience.
- Encourage and support cybersecurity and digital citizenship training at all staff levels.
- Support the district and/or COE's ability to hire cybersecurity and technology staff.
- Ensure your LEA has a cyber liability insurance policy and ensure decisionmakers understand the requirements to stay insured.
- Review board policies and administrative regulations related to technology use by staff and students and record storage and retention.
- Business Email Compromise & Wire Fraud: The use of social engineering and phishing to trick employees into processing fraudulent payments to criminal actors.
- Cyber Incident Response Plan (CIRP): a documented strategy outlining how an organization will detect, respond to, and recover from cyber security incidents like data breaches, ransomware attacks, and other disruptions.
- DDoS, Distributed Denial of Services (DDoS), pronounced "D-Daws": An attempt to disrupt a network or server by flooding with requests from various systems on the internet which can prevent users from accessing your agency's website or other network resources.
- Malware: A type of software (commonly called a virus) designed to gain unauthorized access or damage a computer.
- MFA, Multi-Factor Authentication, (MFA): is the use of a second method of verification besides a password to allow authorized access to a system. Increasingly this is a requirement for all cyber insurance.
- Phishing: An attempt to have someone click on a link with the intent on stealing your password or other login credentials or provide private information via email, text, or other forms. Used in conjunction with other items like malware.
- Ransomware: Malicious software designed to extort money by blocking access to files.
- Social Engineering: Describes the efforts by attackers to use methods like phone calls, in-person visits, or similar tactics to gain sensitive information.