MAEDS 2024

In an era of increasing cybersecurity threats, educational institutions must be prepared to respond effectively to incidents that could disrupt learning, compromise sensitive data, or damage reputations. This professional development session will introduce participants to the three Incident Response templates crafted by the members of the Cybersecurity TaskForce over the last year.

These templates have been developed to address the unique challenges faced by public school districts. The templates range from a Single Page (Crawl), Multi-Page (Walk), and In-Depth (Run) that are freely available on the MiSecure website.

Participants will leave with copies of the documents tailored to their organization.

An overview of numerous tools (Ping Castle, Script Sentry, and more) and PowerShell strategies to secure your Active Directory and Windows Server environment(s). Approaching security from an assumed breach point of view, and utilizing the ACT Cycle to assess, configure, and test (pentest).

Physical Security & Technology form a united front to create a Secure Learning Environment

See how one district was able to leverage existing on-prem cameras and migrate to a cloud-enabled VMS platform with analytics and cloud backup.

Join the recent survivors of a cyber incident and hear a recount of beginning, middle, and end of every tech department’s worst nightmare.

As a State and as districts we are investing hundreds of thousands of dollars in cyber-security tools, personnel, plans, etc... BUT when an attack actually happens, WHAT do you NEED. WHEN do you need it. HOW can you be best prepared.

In this session, the Lenawee Monroe Technology Consortium and MiSecure will outline the RESPONSE process from the time that you discover a bad actor has compromised your environment, through the time when, and if, it is ok to bring systems back online.

We will also outline critical areas of focus for districts to concentrate on in making sure your systems are as secure as possible. Just because you have all devices protected with an EDR or MDR solution does not guarantee you will prevent an attack.

It's been a year since we embarked on our mission to safeguard our schools from cyber threats. Join us to celebrate our accomplishments, assess our current standing, and chart our path forward. We’ll deep dive into the statewide cybersecurity findings, shedding light on the most common issues, best practices, weaknesses and strengths. This is not just a presentation but a collaborative effort. We want to hear your experiences, challenges, and successes. Share your input to help us refine and enhance our cybersecurity strategies, ensuring we continue to support and protect our educational communities.

Join us for a session of Infiltration and Isolation, an Incident Response Tabletop system you may have heard me present on at MAEDS last year! Come and observe as a few volunteers participate in an Incident Response Scenario. See how the scenario unfolds and the participants react in order to isolate and resolve a simulated cyber attack. Whether you are one of the volunteer participants or if you are just an observer, this is a good opportunity to see how an Incident Response Exercise plays out and perhaps get some ideas for running your own Tabletop Exercise. This session is a fun and engaging way to help prepare for a serious cyber incident. I look forward to seeing you there to observe, or even to participate!

Purple Knight is a Free tool that can identify and walk you through fixing security vulnerabilities in your AD and Entra ID environment. I will go through running it and some easy fixes that will make your network more secure.

In In this session, we'll cover the following topics related to email authentication and security:

1. SMTP Overview
What is SMTP? (Simple Mail Transfer Protocol)
How SMTP works in email delivery.
The importance of securing SMTP to prevent email spoofing and phishing attacks.

2. Understanding DKIM (DomainKeys Identified Mail)
What is DKIM?
How DKIM uses cryptographic signatures to verify the sender's domain.
The role of DKIM is to protect against email tampering.
Implementing DKIM with OpenDKIM
Installation and configuration of OpenDKIM.
Generating DKIM keys and adding them to DNS.
Verifying DKIM signatures in outgoing emails.
Troubleshooting DKIM issues
Common issues and how to resolve them.

3. Understanding SPF (Sender Policy Framework)
What is SPF?
How SPF defines which mail servers are allowed to send email on behalf of your domain.
Role of SPF in preventing email spoofing.
Implementing SPF
Creating and publishing an SPF record in DNS.
Testing and validating SPF records.
SPF Reputation Scores
How ISPs and email providers use SPF reputation scores.
Tips to maintain a high SPF reputation score.

4. Understanding DMARC (Domainbased Message Authentication, Reporting, and Conformance)
What is DMARC?
How DMARC works with DKIM and SPF to provide domainlevel email authentication.
The importance of DMARC in protecting against phishing and email spoofing.
Implementing DMARC
Creating and publishing a DMARC policy in DNS.
How to interpret DMARC reports.
Using EasyDMARC for DMARC management
Overview of EasyDMARC.
Setting up and configuring EasyDMARC.
Analyzing DMARC reports using EasyDMARC.
DMARC Reputation Scores
Factors affecting DMARC reputation scores.
Maintaining a good DMARC reputation score.

5. Integrating SPF, DKIM, and DMARC for Email Security
Best practices for integrating and managing SPF, DKIM, and DMARC.
Real-world scenarios and case studies.
Monitoring and improving email reputation scores.

6. Q&A
Open discussion and troubleshooting.
Practical implementation using OpenDKIM and EasyDMARC.

This session will give you a comprehensive understanding of email authentication techniques and how to implement them effectively using tools like Open DKIM and EasyDMARC.

Linux OS, Postfix, Open DKIM,

Tools:
EasyDMARC
Dmarcian
DNS Checker

This session does tie in Google and Microsoft Mail Delivery

A demonstration of how to conduct your own phishing campaign for free with PowerShell. You will learn how to make templates, send emails, track responses, and build your own reports. Save your district thousands by sending emails yourself for free!

Struggling to reach your students and staff about the importance of Cybersecurity safety for themselves and the school? REMC Association can help! Explore free resources, developed in partnership with other Michigan organizations, to help your district be on board with understanding Cybersecurity.