by Andy Lombardo & Phil Hintz
Welcome to the "Zero Breach Zone," where we delve into the vital mission of fortifying K-12 schools against breaches and phishing threats. Hosts Andy Lombardo and Phil Hintz lead insightful conversations with top experts in cybersecurity, education, and technology, uncovering strategies to protect our schools. From breaking down the latest digital threats to sharing actionable security measures, this podcast empowers educators, administrators, and parents with the tools they need to safeguard students and staff in today’s connected world.
Language
🇺🇲
Publishing Since
9/25/2024
Email Addresses
1 available
Phone Numbers
0 available
April 22, 2025
<p>Welcome to episode 14 of the Zero Breach Zone, in this episode hosts Phil Hintz and Andy Lombardo dive into the current state of K-12 cybersecurity, analyzing key findings from the Cisco Talos 2024 report. They explore the concerning rise in ransomware attacks targeting educational institutions, the struggles schools face with limited security budgets, and practical strategies for strengthening cyber defenses. The conversation covers the critical importance of regular system monitoring, vulnerability patching, and addressing MFA weaknesses that leave schools exposed. Phil and Andy emphasize that human factors remain one of the biggest security challenges, highlighting how effective security awareness training can significantly reduce risk when implemented thoughtfully. The discussion also examines the growing relevance of zero trust architecture and how phishing attacks continue to be cybercriminals' preferred entry point to school systems. Throughout the episode, they stress that despite being perceived as low-value targets, K-12 schools are increasingly in cybercriminals' crosshairs, making collaboration among education cybersecurity professionals more important than ever.</p><p><br><strong>Key Takeaways:</strong></p><ul><li>K-12 education is increasingly targeted by cybercriminals despite being perceived as low-value</li><li>Educational institutions now lead in ransomware attacks, with incidents peaking during school breaks</li><li>Budget constraints severely limit cybersecurity initiatives in schools</li><li>Fundamental security practices are critical: regular monitoring, patching systems, and addressing MFA vulnerabilities</li><li>Security awareness training delivers strong ROI when implemented effectively</li><li>Email security and phishing prevention remain essential first-line defenses</li><li>Creating a culture of cyber awareness among all staff is fundamental to protection</li><li>Zero trust architecture and data-driven security decisions are becoming increasingly important</li><li>Collaboration among education cybersecurity professionals is vital for improving collective defense</li><li>Proactive measures and basic cyber hygiene significantly reduce exposure to attacks</li></ul><p><strong><br>Resources Mentioned:</strong><br>- <a href="https://talosintelligence.com/vulnerability_reports/TALOS-2024-2098">Cisco Talos 2024</a> Cybersecurity Report<br>- <a href="https://www.cybernut.com/about-us">CyberNu</a>t Security Awareness Training for K-12<br>- cosn.quorum.us/campaign/115693/ <br>- Parting Tool: <a href="https://www.edtechirl.com/p/rustdesk-moving-beyond-teamviewer">Rust Desk as a fee alternative to TeamViewer on Andy's Blog EdTechIrl</a> (@edtechirl on substack) </p><p><strong>Chapters</strong></p><p>00:00 Introduction to K-12 Cybersecurity</p><p>02:49 Insights from Cisco Talos 2024 Report</p><p>06:04 Understanding the Target: K-12 Education</p><p>08:56 Challenges in Cybersecurity Funding</p><p>11:57 The Importance of Regular Monitoring and Patching</p><p>15:02 Security Awareness and Human Factors in Cybersecurity</p><p>20:19 Navigating Email Security Challenges</p><p>23:22 Building a Culture of Cyber Awareness</p><p>25:14 Understanding Spoofing and Phishing Attacks</p><p>27:31 Ransomware Trends and Threats</p><p>30:12 The Rise of Ransomware as a Service</p><p>39:56 Proactive Measures Against Ransomware</p><p>43:35 Remote Access Solutions for Security</p>
April 8, 2025
<p><strong>Welcome to Episode 4 of the Zero Breach Zone!</strong> In this episode, we sit down with Oliver Page, CEO and founder of <a href="https://www.cybernut.com/">CyberNut</a>, for an inspiring conversation about entrepreneurship and cybersecurity in education. Oliver shares his journey as a serial entrepreneur, including his experience founding <a href="https://www.nutkase.com/">NutKase</a>, a successful K-12 device case manufacturer that protected over 3 million student devices. Through both success and failure, he shares valuable lessons that led him to his current venture. As the founder of <a href="https://www.cybernut.com/">CyberNut</a>, he discusses how his company is revolutionizing cybersecurity training in educational institutions with innovative, user-friendly solutions.</p><p>Oliver explores the critical need for comprehensive cybersecurity education and how <a href="https://www.cybernut.com/">CyberNut</a> is meeting this challenge through fast, efficient training programs and authentic phishing simulations. The discussion highlights how their unique approach caters to both faculty/staff and student needs, setting them apart in the educational cybersecurity space.</p>
March 25, 2025
<p>Welcome to episode 13 of the Zero Breach Zone! In this episode hosts Phil Hintz and Andy Lombardo speak with Jeff McCoy, Associate Superintendent for Academics in Greenville County, South Carolina. Drawing from his 25+ years in education, Jeff discusses the integration of technology in schools, emphasizing the distinction between vendors and solution partners. The conversation highlights cybersecurity as a shared responsibility across all departments, not just technology. Jeff stresses that security training should be continuous rather than annual, using short, clear communications. The discussion covers how data breaches often involve academic software, the importance of evaluating vendors' security practices, and the need for transparency with AI implementation in education. Jeff emphasizes that technology should ultimately enhance teaching and learning, requiring proper change management and cross-departmental collaboration. As this weeks Parting Tool, Jeff highlights the crucial role of 1EdTech, a global non-profit that develops open standards to reduce complexity, accelerate innovation, and expand educational possibilities worldwide.</p><p><strong>Key Takeaways:</strong><br>- Cybersecurity is a shared responsibility across all departments, not just technology<br>- Distinguish between vendors (who sell products) and solution partners (who address needs)<br>- Cybersecurity training should be continuous, using short, clear communications<br>- Data breaches frequently involve academic software, not just administrative systems<br>- Multi-factor authentication is essential for protecting school systems<br>- Vendors must be evaluated for their cybersecurity practices and certifications<br>- AI in education requires transparency about data usage and privacy<br>- Technology should enhance teaching and learning, not complicate it<br>- 1EdTech provides valuable resources for vetting educational apps</p><p><strong>Resources Mentioned:</strong><br>- Multi-factor authentication solutions<br>- Greenville County Schools' cybersecurity protocols<br>- Educational technology evaluation frameworks<br>- Parting Tool: <a href="https://www.1edtech.org/">1EdTech</a> for vetting educational applications</p>
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at [email protected] for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.