Welcome Welcome to Virginia’s world famous Technology in Education conference. Using this tool to mark your personal scheduling preferences does not reserve a seat for marked sessions, nor does it register you for the conference. We do not plan to have paper programs available on site. If you would like a printed program, please print a personal copy prior to arriving at the conference.
Today the threat of cyber attacks is more real and more dangerous than ever. These attacks range from complicated and highly organized electronic assaults exploiting serious security vulnerabilities to simply digging through dumpsters in search of discarded bank statements. Arguably one of the most concerning threats is commonly referred to as "Social Engineering". These cyber criminals take advantage of flaws in the way people behave to deceive targets and obtain sensitive information which can later be used for various highly unethical purposes. One type of Social Engineering is known as phishing. Phishing attacks will commonly simulate sensitive or important emails to trick their targets into doing something which could result in a data breach. Teachers have access to a significant amount of sensitive data, and many lack the security training found in corporate environments, which makes them ideal targets for a phishing attack. As technology becomes increasingly more involved in our classrooms, the threat of cyber crime, and the damage it can cause, increases. The 2018 report from the K-12 Cybersecurity Resource Center states that a majority of the incident-reports relating to cybercrime in K-12 education were primarily due to human error. One of the goals for this presentation is to discuss ways to mitigate the chances of human error causing a serious cyber incident. Using data from an anonymous K-12 district in Virginia, the results of a phishing audit performed using the KnowBe4 system will be discussed. During this presentation there will also be a simulated phishing attack demonstration. Finally, at the end of the presentation participants will review a case study of a district actually affected by a phishing attack, and will be given the opportunity to participate in a discussion on what could have been done to mitigate this attack. This presentation will hopefully provide teachers, administrative staff, IT staff, and other support members the information they need to make their own schools as secure as possible!
