Password District Data Breach Exercise [District Name] [Date] [Logo]


Presenter Name Organization & Contact Info

Password District Data Breach Exercise Tabletop exercise that simulates a data breach within a complex organization. Intended to put you in the shoes of critical decision makers who have just experienced a data breach.

Password District Data Breach Exercise You will be divided into teams to react and respond to the scenario. Over time, the scenario will be more fully revealed and you will discover more about what happened.

Be Prepared for the Unexpected!

Suggestions Think about each of the roles needed in your organization (e.g., public information officer, data system leadership, attorney, auditors, etc.). The full extent or impact of a data breach is rarely known up front. Do your best to anticipate what might happen, but don’t get ahead of yourself.

Password District Data Breach Exercise Each team will develop two key products: 1. Public and Internal Communications/Messaging – Develop the message(s) you will deliver to your staff, students, parents, the media, and the public. During the event, you will be asked to participate in press conferences about the scenario. Be prepared to respond to members of the media about what is happening and how your organization is responding.

Password District Data Breach Exercise (cont.) 2. Response Plan – Outline how your agency will approach the scenario and what resources you will mobilize. Describe who will compose your response team. Identify goals and a timeline for your response.

Background Your school district has [insert desired number] students. Your district provides centralized IT services and support for K12 schools as well as access to a centrally managed Student Information System (SIS).

Background (cont.) The new SIS allows administrators, faculty, and other users to log in through the browser and upload grades, attendance data, and assessment data. The new system has only been implemented in a few test locations in the district.

Scenario Yesterday, a teacher [personalize for your district] notified the district IT manager that some course grades have been changed in the system. All the students in one course had their grades changed to reflect much better scores than they actually earned.

Scenario Initial investigation shows that someone logged on using the teacher’s login information and manually changed the grades. Additionally, the logs indicate that several reports were also downloaded from other systems, including some that contained private information (like SSN) about the school’s employees.

Password District Data Breach Exercise
1. Gather with your team.
2. Go over the scenario carefully. What do you know? What don’t you know?
3. Begin building your response. Elect a team member to take notes.

Password Data Breach Exercise (cont.)
4. During the scenario, you will receive additional information about the breach. Read each of these updates as the scenario unfolds.
5. We will occasionally pause to discuss where we are, and eventually give a press statement.
This exercise works best if approached as a “murder mystery” game. The more you synthesize the information and role play, the more useful the exercise becomes.

Questions?

Password District Data Breach Exercise Minutes

Where Are We? Have you begun to build a response plan? Can you make any concrete conclusions? Does the fact that the breach includes SSNs change the way you respond?

Scenario Update Logs indicate that the login occurred from the school’s Wi-Fi network after school hours.

Scenario Update Logs indicate that the login occurred from the school’s Wi-Fi network after school hours. Reports have surfaced about students offering to change additional grades for money. No names have yet been revealed.

Password District Data Breach Exercise End 10 Minutes

Where Are We? Has the updated information changed your approach to the scenario? Think about what controls you could put in place to avoid a scenario like this.

Scenario Update Two juniors are rumored to be the culprits.

Scenario Update Two juniors are rumored to be the culprits. When questioned, they admit that they located a sticky note with a teacher’s username and password, which they used to log in to change the grades.

Scenario Update Students said that they also accessed some other school systems, including a database of employees that listed names, addresses, SSNs, employee ID numbers, etc.

Password District Data Breach Exercise Minutes

Where Are We? How has the updated information changed your approach to the scenario? What other information would be useful?

Scenario Update The data the students accessed contain personal information for [insert number] students and [insert number] employees. Some of the staff’s personal data have been published to the students’ Facebook pages. News of the breach has leaked out. You are receiving calls from parents asking if their child’s data were accessed and their grades changed.

Press Conference The news of the breach is out and you must brief the press and the community. Your spokesperson will give a brief press conference to address the issue and take questions. In the audience are reporters from local and national media, as well as parents, privacy advocates, and activists.

Password District Data Breach Exercise Minutes

Where Are We? How did it go? Was your message received well?

Develop Incident Response Plan Use your notes from the scenario discussion. Identify an incident response team (e.g., CIO, Data Coordinator, IT Manager, legal counsel). Outline the steps to identify the source of the breach, catalog the data affected, and identify how it occurred. Should you involve law enforcement? When? What legal requirements exist? What preventative corrective actions should you implement?

Password District Data Breach Exercise Minutes

Unveil Your Response Plan Take us through your response plan. Include the who, what, when, and how of your activities. What were the driving factors in your decision-making process? Did your plan evolve as the scenario became more clear? How? How should you prepare to enable a prompt reaction to a potential breach?

Wrap-up Lessons learned from press conference. Incident Response Plans – what might work for us? What have you learned? Will it affect your behavior? How could this exercise be more useful to you?