The following webinar was presented by Frosty Walker, Chief Information Security Officer at the Texas Education Agency, on March 8, 2017. The webinar features detailed information about the Cyber Security tips and tools available in this resource.
Cyber Security Tips and Tools Webinar—An Overview of the Tips and Tools
Cyber Security Tips and Tools Webinar
A follow up webinar, "Establishing an Information Security Plan, Session 2," was delivered on April 12, 2017.
Data Breach or PII Exposure Exercises
The following two exercises ask you to consider the appropriate actions to take in the event of a data breach or personally identifiable information (PII) exposure. After reading each slide, consider your next course of action, and list the steps you'd take. Then, move to the next slide.
Questions and Considerations for Cloud Providers
If your district is considering moving its data to a cloud provider, there are some basic questions to ask in order to determine if this host environment can safely and effectively store your sensitive data. Click the key words below to learn more.
The EDUCAUSE HEISC assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 27002:2013 "Information Technology Security Techniques. Code of Practice for Information Security Management."
This tool was intended for use by an institution as a whole, although a unit within an institution may also use it to help determine the maturity of its individual information security program. Unless otherwise noted, it should be completed by the chief information officer, chief information security officer or equivalent, or a designee. There are a total of 101 questions. On average it takes about 2 hours for an information security officer or equivalent familiar with their environment to complete this tool.
The self-assessment has been designed to be completed annually or at the frequency your institution feels is appropriate to track maturity. The assessment tool uses the ISO 21827:2008 framework for scoring maturing, which scales from 0 to 5, with 5 being the highest level of maturity:
0. Not Performed
1. Performed Informally
3. Well Defined
4. Quantitatively Controlled
5. Continuously Improving
Answer each question by selecting the appropriate level of maturity, 0–5. Each ISO section will be added up then averaged to provide a maturity assessment for the given section.
Texas CyberSecurity Framework
There are 40 CyberSecurity attributes that DIR is tracking under SB1597, and the linked Information Security Plan Summary spreadsheet shows this tracking in a bar chart. The numbering has been randomized on purpose so feel free to share it.
For each CyberSecurity objective, update columns D through I with the agency's self-assessment as to percentage (in whole numbers) of the organization that meets the DIR standard for maturity.
Column K tabulates the entries' "points" and normalizes the 6 grade levels that reflect the maturity score for the CyberSecurity objective.
Column L converts the objectives' points to the CMMI scale.
Cybrary Information: Free Cybersecurity Training
You can improve your cyber security awareness through free educational resources.
Cyber security is quickly evolving. Keep your team a step ahead by developing their skills.
- access to Cybrary's complete course library with over 2,000+ lessons,
- learning paths for learning outside the classroom, and
- reporting tools to track course completions and site usage.
Visit Cybrary to view the complete topic catalog.
Frequently Asked Questions
Question: What is the website where the cyber security information is shared?
Question: Is the security framework plan being discussed a TEA mandate?
Answer: No. The security framework plan and the tips and tools are recommendations to address cyber security issues being encountered by the education community and improve overall cyber security posture.
Question: Are the cyber security webinars being recorded and will they be available for future review?
Answer: Yes. The cyber security webinars are being recorded and will be available to view at https://www.texasgateway.org/resource/cyber-security-tips-and-tools.
Question: You mentioned some available courses. How can I access them?
Answer: The free online training discussed in the webinar regarding cyber security and IT related topics is available through an online resource called Cybrary. More information regarding Cybrary is available at https://www.texasgateway.org/resource/cyber-security-tips-and-tools.