Cyber Security for K-12 SCHOOL DISTRICTS

The Client

Cyber Security for K-12 School Districts

Summary

Educational systems are often resource-constrained and stand to see a dramatic increase in their cyber program maturity through external support. Extending their team allows the school district’s employees to focus on what’s
most important while Conquest limits the noise, responds to low or medium-level threats and alerts, and rapidly escalates all critical alerts to ensure that the customer is made aware and provided with remediation support.

According to a recent Center for Internet Security report, nearly 20 percent of K-12 schools spend less than one percent of their IT budget on cybersecurity each year. The average is only eight percent. As schools continue to grow their environments with student computers and other vulnerabilities, the need for cyber resiliency grows stronger year after year and day after day.

As school districts gain clarity on the importance of securing their environments, how do they bridge the gap between compliance and maturity?

Conquest Cyber is proud to partner with school districts as they prepare our next generation of leaders and is focused on serving as a true partner for each of our customers. This approach shined through upon the recent completion of a trial offer with a large school district. Conquest found a serious threat while off-boarding the customer’s environment. Rather than continuing the off-boarding process, we
immediately alerted their team to the threat, and supported its resolution before further issues arose.

After this demonstration of our commitment and integrity, the customer decided to move forward with Conquest as their cybersecurity partner – having witnessed our dedication firsthand.

Now, with ARMED ATK in place, we also perform quarterly CRRs, bi-weekly ticking and tuning reviews alongside our continuous optimization – providing the customer with a consistently improving environment.

Problem

SCHOOL DISTRICTS OFTEN HAVE LIMITED RESOURCES DEDICATED TO CYBERSECURITY

School districts are rich in data yet limited in resources—making them high-value targets for our adversaries. From financially motivated ransomware attacks to social or politically motivated reputation-building opportunities, school districts must be prepared to protect their digital estates.

In 2021 alone, 67 ransomware attacks affected 954 schools and colleges, potentially impacting 950,129 students and costing an estimated $3.56 billion.

With limited resources to face these foes, school districts must partner with trusted cybersecurity teams who can help to manage and oversee alerts of threats—big or small.

By deploying ARMED ATK’s Defend, SECOPs, Shield, and Risk Modules – Conquest is able to eliminate

>99% of one of our largest K-12 customers’ average monthly ticket count cutting the average monthly total of ~20,000 alerts that their team must address to a far more manageable 63.

As part of our partnership with the school district, their environment is fully monitored in all aspects. By removing the volume of alerts, providing frequent reviews and continuously optimizing, we enable their team to maximize their effectiveness and keep their environment safe.

Solution

COMPLIANCE. MATURITY. EFFECTIVENESS.

After completing a concept trial, the customer had not yet committed to a long-term partnership with Conquest Cyber. While offboarding access to the environment, Conquest

Cyber found a serious threat within their system and went beyond contractual obligations to alert them of this vulnerability – preventing further escalation.

This true demonstration of Conquest’s mission led the customer to formally partner with Conquest to continuously ensure their cyber resiliency.

Since then, Conquest has now deployed its ARMED ATK platform – including the DEFEND, RISK, SECOPs (Security Operations Center), and SHIELD modules.

The DEFEND module serves as their strategy home base with a real-time view of the environment’s maturity.

RISK serves as the core for their adaptive, risk-based cybersecurity program and helps to frame, assess and remediate risk.

The SECOPs module provides a centralized view of the environment’s security alerts and incidents. With an intuitively organized ticketing system, these alerts are clearly labeled by time, location and severity.

SHIELD visualizes the organization’s critical infrastructure and its vulnerabilities to help prevent and protect the organization from threats before they occur.

The Conquest team prioritized the deployment of SECOPs to ensure their environment was being fully monitored as quickly as possible. Now, with all four modules active, the customer has 24/7 visibility and is alerted of potential issues via email, text, and push notification. In case of a problem, the platform also provides direct access to Conquest’s elite team of cybersecurity experts.

By creating simple visualization of each of these crucial aspects of their environment, Conquest allows their internal team to understand the urgent needs and maximize their effectiveness. To further optimize their environment, Conquest also provides:

QUARTERLY CYBER RESILIENCY REVIEWS

EFFECTIVENESS TESTING

BIWEEKLY TICKET AND TUNING REVIEWS

Distinctives

AUGMENTED TEAM BETTER UTILIZES RESOURCES

Conquest Cyber serves as more than a vendor but rather acts as a partner. By understanding each environment’s maturity, Conquest can adapt and adjust its services to meet its needs.

Beginning with stand-up and configuration, Conquest’s partnership with the customer zeros in on visibility and maximizing efforts and effectiveness. By deploying DEFEND, RISK, SECOPs, and SHIELD, the unique capabilities of ARMED ATK dramatically improve the district’s security posture with an overlay of risk and compliance and allow them to:

• Stay on track with their requirements
• Automate and implement the collection of evidence
• Allocate each piece of evidence to each of the NIST CSF controls and better prepare for audits
• Access direct mapping to compliance requirements specific to their requirements and actionable steps towards achieving the outcome

• Make risk-informed decisions to integrate into their operations
• Organize all security alerts and incidents in their environment based on time, location, and severity
• Enable 24x7x365 Extended Detection and Response, Advanced Threat Hunting, and Managed Sentinel Service
• Access logs in their environment dated as far back as one year

• Visualize, frame, assess, and remediate risks and structure effectiveness testing
• Access to tailored threat intel
• Make risk-informed decisions to integrate into their operations

• Visualize organization’s critical infrastructure
• Recognize hardware and software asset vulnerabilities
• Protect organization from threats before they occur

For the typical school system cybersecurity team, it is crucial to maximize their resources. Conquest augments their team – extending their capabilities, knowledge base and environmental awareness.

By escalating only .32% of tickets per month, Conquest and ARMED ATK help offboard unnecessary assets resulting in a synergistic security suit that reduces workload and saves money.

Distinctives

AUGMENTED TEAM BETTER UTILIZES RESOURCES

Our partnership removes more than 99% of tickets from escalation. In an average month, only 63 of 20,000 are sent to their team – freeing up their limited resources to focus on what is most important.

With our effectiveness testing, bi-weekly ticket and tuning reviews and quarterly cyber resiliency reviews, we ensure both situational awareness and preparedness. When protecting our nation’s vital resources, like water, our work protects more than cyber environments. We’re protecting our way of life and providing peace of mind.

Outcomes

MAXIMIZE SMALL TEAM’S EFFECTIVENESS BY REMOVING 99% OF TICKET ESCALATION

For the typical school system cybersecurity team, it is crucial to maximize their resources. Conquest augments their team – extending their capabilities, knowledge base and environmental awareness.

By escalating only .32% of tickets per month, Conquest and ARMED ATK help offboard unnecessary assets resulting in a synergistic security suit that reduces workload and saves money.