Metropolitan School District of Wayne Township Combats Ransomware with SecurityIQ
Personalized security awareness education and network of trained security champions creates district-wide, cyber-alert culture
InfoSec Institute, the leading provider of IT security education and workforce security awareness training solutions, announced the Metropolitan School District (MSD) of Wayne Township, Indiana selected SecurityIQ for district-wide security awareness education. Pairing SecurityIQ with the district’s personalized learning techniques and an internally-developed network of trained security champions, MSD Wayne significantly decreased their phishing attack rate and ransomware susceptibility.
Before SecurityIQ, MSD Wayne experienced an onslaught of four ransomware attacks, one of them crippling an applications database. For Pete Just, MSD Wayne’s CTO, this was the warning and opportunity to strengthen his district’s security strategy. He enrolled all faculty and staff in SecurityIQ awareness training to strengthen their social engineering defenses. Since then, the district has been ransom-free for 18 months. The success of MSD Wayne’s program draws on Just’s former years as an instructor. He pairs these four education best practices with SecurityIQ’s capabilities to boost learning outcomes:
See Infosec IQ in action
1) Data-Driven Insights
It all starts with appraising each staff member’s knowledge about phishing and malware risks using SecurityIQ’s learner assessments and phishing simulations. “We teach our faculty to tailor their student learning through actionable classroom data,” said Just. The same holds true when educating his staff district-wide. “If we want to teach them something new, we first assess what they know, rather than making them sit through a three-hour training.”
2) Personalized Learning
Applying the same 1:1 personalized learning approach that helped his district boost student graduation rates, Just leverages SecurityIQ’s massive training library to automatically deliver modules tailored to each staff member’s assessed security aptitude and role. The SecurityIQ Content Library for Education specifically addresses educator security risks and compliance requirements for FERPA, COPPA and more. Important to Just was having training closely associated with learner clicks. “We needed the ability to determine who received what training and why and receive regular reports as campaigns were in progress,” he said.
3) Positive Reinforcement
“Training shouldn’t be punitive. That’s one of the things I like about how we use SecurityIQ,” said Just. “It starts with how you announce your program. It can’t be about ‘gotcha’ moments and negative feedback. If you start that way, you're probably going to have problems. It’s a learning opportunity and way to avoid future attacks.” Just also recommends reinforcing the benefits of awareness training for staff’s personal security hygiene, keeping his team and their families safe online both at home and work.
4) Internal Champions
Leveraging the support and influence of peers has a profound impact on any education initiative. With 2,500 employees, Just knew he needed to look outside his department to help introduce the new security awareness program. He enlisted help from a group of 40 teachers and tech assistants throughout the district. “We told them we were getting ready to start this program, showed them what to expect and offered train-the-trainer sessions.” Called the iTEC team, this group helps field staff questions and gets everyone on the same page. “We have 1,200 teachers – not all of them know who I am.This approach is more effective,” said Just.
“School districts like MSD Wayne are leading the pack when it comes to developing a pervasive culture of cyber-awareness,” said Jack Koziol, InfoSec Institute CEO and Founder. “Their personalized training techniques and ‘it takes a village’ approach play a critical role in keeping their district, staff and student data private and secure. We’re excited and proud to have SecurityIQ at the heart of their awareness program.”
Read MSD Wayne Township’s complete SecurityIQ success story.
About Metropolitan School District of Wayne Township
Located in the heart of Indiana, MSD Wayne Township is home to 16,500 students, 2,500 employees and over 15,000 computing devices. Its mission is to provide multiple pathways for learning that meet or exceed present and future goals and aspirations of their community through partnership with students, school staff, parents, civic groups, business owners, government, faith-based organizations and the community at large. At the core of their strategy is student success – child through lifelong adulthood.
About InfoSec Institute
InfoSec Institute fortifies organizations of all sizes against security threats with award-winning information security education. Recognizing cybersecurity is everyone’s job, the company provides skills development and certification training for IT and security professionals while building the entire workforce’s security aptitude through awareness training and phishing simulations. Recognized as a Gartner Peer Insights Customers’ Choice for Security Awareness Computer-Based Training, InfoSec Institute is also a Training Industry “Top 20 IT Training Company” and the Security Training & Education Program Gold Winner in Info Security Products Guide’s Global Excellence Awards.
Phishing simulations & training
In this Series
- Metropolitan School District of Wayne Township Combats Ransomware with SecurityIQ
- Tax scam season: How to protect your data from common scams in 2024
- Security awareness for kids: Tips for safe internet use
- Celebrate Data Privacy Week: Free privacy and security awareness resources
- Consumer data, who owns it and who protects it?
- Human error is responsible for 74% of data breaches
- What is a social engineering attack?
- Biggest cybersecurity mistakes by large organizations
- 4 common social media scams (and how to avoid them)
- From theory to practice: Designing a successful security awareness training program
- Understanding cyberattacks: Types, risks and prevention strategies
- Securing digital frontiers: The importance of information and IT security awareness training
- Optimizing your corporate security awareness training: Strategies and techniques
- What is security awareness: Definition, history and types
- Top 10 security awareness training topics for your employees in 2023 and beyond
- AI best practices: How to securely use tools like ChatGPT
- Connecting a malicious thumb drive: An undetectable cyberattack
- 5 ways to prevent APT ransomware attacks
- 4 mistakes every higher ed IT leader should avoid when building a cybersecurity awareness program
- ISO 27001 security awareness training: How to achieve compliance
- Run your security awareness program like a marketer with these campaign kits
- Deepfake phishing: Can you trust that call from the CEO?
- Fake shopping stores: A real and dangerous threat
- 10 best security awareness training vendors in 2022
- How to hack two-factor authentication: Which type is most secure?
- Malicious push notifications: Is that a real or fake Windows Defender update?
- Free Cybersecurity and Infrastructure Security Agency (CISA) ransomware resources to help reduce your risk
- How IIE moved mountains to build a culture of cybersecurity
- At Johnson County Government, success starts with engaging employees
- How to transform compliance training into a catalyst for behavior change
- Specialty Steel Works turns cyber skills into life skills
- The other sextortion: Data breach extortion and how to spot it
- Texas HB 3834: Security awareness training requirements for state employees
- SOCs spend nearly a quarter of their time on email security
- Security awareness manager: Is it the career for you?
- Risks of preinstalled smartphone malware in a BYOD environment
- The ROI of security awareness training
- 5 reasons to implement a self-doxxing program at your organization
- What is a security champion? Definition, necessity and employee empowerment [Updated 2021]
- Excel 4.0 malicious macro exploits: What you need to know
- Worst passwords of the decade: A historical analysis
- ID for Facebook, Twitter and other sites? Not so fast, says security expert
- 3 surprising ways your password could be hacked
- Fake online shopping websites: 6 ways to identify a fraudulent shopping website
- All about carding (for noobs only) [updated 2021]
- Password security: Complexity vs. length [updated 2021]
- What senior citizens need to know about security awareness
- 55 federal and state regulations that require employee security awareness and training
- Brand impersonation attacks targeting SMB organizations
- How to avoid getting locked out of your own account with multi-factor authentication
- Breached passwords: The most frequently used and compromised passwords of the year
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
Security awareness
Tax scam season: How to protect your data from common scams in 2024
Security awareness
Security awareness
Celebrate Data Privacy Week: Free privacy and security awareness resources
Security awareness