Cybersafety

1. Cybersafety: The safe and responsible use of technology (Source), of which digital citizenship plays a key role 

   1. Cyberbullying: Cyberbullying is bullying that takes place over digital devices like cell phones, computers, and tablets. Cyberbullying can occur through SMS, Text, and apps, or online in social media, forums, or gaming where people can view, participate in, or share content. Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or private information about someone else causing embarrassment or humiliation. Some cyberbullying crosses the line into unlawful or criminal behavior (Source).

   2. Digital Citizenship: The self-monitored habits that sustain and improve the digital communities you enjoy or depend on (Source)

Cybersecurity

1. Cybersecurity: Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security (Source)

   1. Content Filters: On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable (Source)

   2. Data Breach: A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property (Source).

   3. Denial of Service (DOS)/Distributed Denial of Service (DDOS) Attack: A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses (Source). In a DDoS attack, the incoming traffic flooding the victim originates from many different sources – potentially hundreds of thousands or more (Source).

   4. Firewall: Software/hardware that blocks external attacks from malicious attackers

   5. Malware: A catch-all term for malicious software targeting computers and mobile devices. 170M malware events in 2014 (Source).

   6. Personally Identifiable Information (PII): Personally identifiable information (PII), or sensitive personal information (SPI), as used in information security and privacy laws, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context (Source).

   7. Phishing: An attack that impersonate user(s) to obtain data access via email. Nearly 50% of users fall for this.

   8. Point of Sale (POS) Intrusion: An attack that targets a device transacting a sale. Account for 30% of data breaches.

   9. Ransomware: A form of malware in which rogue software code effectively holds a user's computer hostage until a "ransom" fee is paid. Ransomware often infiltrates a PC as a computer worm or Trojan horse that takes advantage of open security vulnerabilities (Source).

   10. Safe Harbor: The concept of “Safe Harbor” refers to specific actions, example; encryption of private data, that an individual or an organization can take to show a good-faith effort in complying with the law. This good-faith effort provides a person or organization “Safe Harbor” against prosecution under the law (Grama, 2015, pg.253). The State of Texas Statute 521.002 states that when a an individual’s first name or first initial and last name are combined with other private information, example, Social Security Number, that the information must be encrypted.  (Source)

   11. Web App Attack: A web-based attack that relies on http/https protocol to target a website. Ten to twelve percent of data breaches occur as a result of this form of attack (2014) (Source).

Cross-Departmental Collaboration

“Process. The process has to involve HR, Business Office, and M&O,” said David Jacobson (Lamar Consolidated ISD). The Executive Director of Technology for Round Rock ISD agreed. “It’s the processes and procedures, working with all the other customers. We have to get them to understand the importance of planning. One way is to do tabletop exercises to practice to see what we would do in the event of an event,” said Mark Gabehart (Round Rock ISD). 

In these situations, it is important to 1) recognize the need; 2) clarify the depth of the hole the organization is in; and 3) present a plan to never be in that hole again. 

Make sure your district has an equipment replacement plan. And that is then followed by a disaster recovery and business continuity plan.