IT Security

     As is readily discernible from the news, threat actors continue their efforts
     to probe, access and steal sensitive data from public organizations. The IT
     Security team continues implementing processes, procedures, and platforms
     to build on past work to keep our systems, applications, and infrastructure
     safe and secure.

     A critical piece of our strategy is the newly implemented Security Incident
     Event Platform (SIEM), which helps recognize potential security threats
     and vulnerabilities earlier and allows preventive measures to be employed
     faster. The SIEM uses Artificial Intelligence and Machine Learning to more
     effectively analyze and identify possible threats. Additional work completed or
     in progress from the IT Security group includes:
     •   Auditor General and External Audits

     •   Annual Applications Security Audit
     •   2022 Security Awareness Campaign
     •   Phishing Simulation
     •   VPN Account Administration
     •   Vulnerability Scanning

     •   Penetration Testing
     •   ERP Security
     •   Transportation Application Security

     •   Student Information Application Security
     Building on security application tools like a SIEM to provide automated
     response to security alerts and SOAR (Security Orchestration, Automation
     and Response) to provide incident response and reporting, we then add
     in a User and Entity Behavior Analytics (UEBA) solution and additional
     security tools to integrate the people, processes, and platforms  to maintain
     a high level of vigilance in identifying and responding to cybersecurity threats
     and incidents. Currently in progress is a project to enable Multi-Factor
     Authentication (MFA) for District staff. This is also a key strategy to ensuring                             Page 5