Assessing Cybersecurity Risks in Schools with Chris Rule, CETL

• Sean

Hello. You’re listening to the K-12 tech podcast, bringing you insights in the world of education technology. Stay tuned as we discuss the past, the present, and most importantly. The future of technology in our schools.

Hello and thank you once again for joining us for our K-12 tech podcast. My name is Sean. I’m your host with my co-host, Mike. And today we are joined by Chris Rule Seitel, he is the director of information services with Sublette County School District number one in Wyoming. So he’s going to join us from the other side of the country. Hopefully, you are, too. And then, Chris, I’m going to give you some time to introduce yourself, but I want to first thank you for joining us today.

• Chris

Yeah, thank you very much. I’m happy to be here. So I’m Chris Rule. I am a Colorado native, fifth-generation Colorado native, grew up in the Steamboat Springs area, and family kind of homesteaded in that area grew up on a ranch just a lowly ranch kid working with my hands and thought that’s how I’d be making a living. Most of my life did not like school growing up, loved learning, did not like school. And so I was a struggling student through school, not because I was not smart enough, but I think I was bored with the platform. And after school decided I would take a few college courses at our local community. College was kind of doing some martial arts things there and thought, Well, I’ll prove my knowledge and find out there was a grant to go to, you know, go to school full time.

There went on and continued schooling at the university of Northern Colorado in Greeley, got an education in exercise science, did absolutely nothing with that worked my way through college was very nontraditional student life for girls. I had four young girls, infant-age girls while I was in college. So I was a very nontraditional student and kind of brought that perspective to my learning of, you know, there’s got to be something better. And I learned about exercise science and learned that I probably wasn’t going to be able to make a good living in that. At the time, I was working at Hewlett-Packard doing kind of some support stuff and found out about a job in my wife’s hometown of Colorado as a technology director for a school. And that was in 1999.

It was kind of a new position. Nobody knew what it was and got the job kind of defined what the position was, got tied up with some really good other professionals in that area, continued my career at the director level for a number of different school districts, and finally found myself where I’m at in Pinedale, Wyoming. I’ve worked primarily with small rural schools. Every school in Wyoming is small and rural. Even our largest district is only 18,000 students. So, you know, and, you know, you hear some of these tech directors are like, well, we have 250,000 students. We’re we are not in that boat. My district serves 1100 students K-12. So we are very small. And it’s very challenging because technology people in small schools where a lot of hats, and we do a lot of different things.

And I think that’s why I have enjoyed working technology in education so much is because I’m not bored. You know where I was bored in school and I didn’t feel like I was challenged or appropriately challenged. Now I sometimes feel like I’m over-challenged. I have too much on my plate, but it it’s exciting and I know there’s a purpose. So I would almost imagine then based on the wearing many hats comment that being a tech director in a smaller school district, you know, you said, you know, comes in two different challenges. Obviously, a tech director of a 250,000-student district also has some issues. And both of you are dealing with different issues. But there have to be similarities between the two as far as the position that you’re in is in a small school to you, 250,000 student district.

So absolutely, I would say it’s very similar. You know, that was one of the things that kind of struck me when I was studying for my Seattle certification was that you know, that certification is very geared toward the I.T director or the CTO or whatever that title is in education. And as I was looking at the requirements and you know, the things that would be covered on the exam, it was obvious that it was kind of universal across the, you know, across the whole spectrum. We all see the same thing. You know, a tech director at a very large school may not be nearly as hands on as I am. You know, they might not be working directly with a student to figure out why their device footprint or but someone is and that understanding of that process and those procedures and the things that go into making that work, you know, that’s what it’s all about.

• Sean

So with our discussion previous to starting the podcast, you had talked about some of the interests you were taking or some of the, I guess, fields you were taking more interest in in the technology world of schools.

• Chris

Yeah, you bet. So a few years ago, our business manager at our school came and said, hey, you know, we’re our group insurance platform is is wanting to get a cyber insurance policy. And these are some questions we have to answer. And I want to say it was like 3 to 5 questions, you know, basic things like do you have a backup plan, you know, basic I.T. stuff, right? How are you protecting your digital environment? More or less. And pretty easy. You know, we answered those things and went through and we always felt like we did a pretty good job on, you know, in our technology, pretty technology focused in our school, and last year, that same questionnaire was about five pages, much more detailed, much more requirements. You know, now the insurance company is saying, you know, you have to enable multifactor authentication. You have to do, you know, a number of different kinds of almost compliance-type items, right? And the insurance industry, a lot of schools are facing the same thing. They’re being forced into compliance by the insurance industry. And not that that’s necessarily a bad thing.

I think it’s the wrong focus, but at least it’s forcing schools to do something because we’re traditionally more focused on making it work than making it secure. A lot of times in schools, especially, we hire people that don’t have as much technology skills as the private sector. And that’s because we usually can’t afford it. Right. We just don’t education just doesn’t pay as much there. There are other draws in to working in education, but usually, salary is not one of them. So so a lot of times we promote people into these high-end tech positions that don’t have necessarily the proper skills that are needed, especially in the past few years where technology just exploded. Right. The use of technology in schools, you know, with COVID and everything that’s changing in the world, it’s just growing beyond what schools can handle. And so now then the insurance industry is saying, well, you know, you’re increasing your risk and we’re accepting that risk. You’re going to pay for it. But we want to make sure you’re doing these things to minimize that risk. And it’s really started that conversation. Oh, go ahead.

• Sean

Sorry, I don’t want to cut you off, but when you say the insurance companies, are you talking about like the insurance behind the data that the insurance behind the devices? I mean, what is the insurance covering?

• Chris

Yeah, that’s a great question because there is device insurance, right? You’ve got a device and it breaks and you send that back. Now, this is more high-level insurance, like a liability policy where if you had a cyber attack and you have a breach and you’ve lost some data in you know, in a commercial industry, it’s pretty easy to say, well, if we’re if our operations are not running, we’re losing $100,000 a day. Education is different. Our are the things that we protect or, you know, we’re not making money on a daily basis. We’re just producing kids and but we still have to protect that data. So this is a liability of schools are a big target depending upon what you know, what study you read everything that I’ve seen, we’re in the top five.

It’s government, education, and health care. And that’s because schools can pay. So you’ll have you’ll get a ransomware event like what happened in Los Angeles this last summer where the files were basically taken, hostage. Student data. Parent data. You know, the data the schools have is what the bad guys want. They can use that data for you know, they can create credit accounts with them. And no one’s monitoring that right of kindergartners that account gets used. No one’s looking at that. It might be that kid might be 20 years old before they realize that 15 years ago someone filed bankruptcy, you know when their name. So there’s it’s value target and the insurance companies know that. Right. So they know, hey, we want to help protect the schools and we’re going to give you a policy that maybe will we’ll pay you to know, maybe you have a $10,000 deductible and we’ll pay up to half a million in claims over that, whatever that might be.

And that’s something that all schools are kind of facing. Cyber insurance I don’t think is required, but insurance companies are kind of adding that component into other policies. So if you want to continue with this policy that you have that maybe covers your property liability, you’re going to include this cyber liability. Also. And for just being a small school, it was a challenge for us to fill that out. And we found that there were a number of things we were kind of not compliant with. And so that was when I really started diving harder into the cybersecurity aspect of it. And the one thing I’ve learned is you can be really good at IT, but not very good at risk management and developing your cyber plan for your school.

And that’s kind of what we saw as where we felt like we’re doing a pretty good job. But when it came down to having an actual risk analysis done and best practice across the education industry, we are not doing so great and I am finding out that that’s kind of the norm across the school industries and so what my drive and my focus now is to, you know, to obviously improve where we’re at, but to also work with surrounding schools and other professionals. And my see to be better aware and to take the steps necessary to move forward. It’s a big step.

• Sean

But what are some of those things that maybe until reading those five pages, you were like, Oh, shoot, we’re not doing this and none of these schools are doing this either? So how do we get to where we can check off these boxes?

• Chris

Yeah, that’s an excellent question. Right. Where do we start? Right. We had the same thing. And now you always use that analogy of how you eat the elephant one bite at a time. Well, that’s true. But where do you take that first bite? You know, where is that elephant most tender that I need to start with? And we found ourselves in that position. And that was probably the hardest thing of starting. I think part of it is we’re so schools want to do things really well. And so a lot of times we want our plan to be perfect before we put it in place. And what I found is that you can’t do that, not with cybersecurity, you’ve got to just start with those things.

So obviously there are some compliance pieces like multi-factor authentication, training for your staff, whatever the insurance company is saying you need to do, those are things that you have to do in order to meet that compliance. But beyond that, probably the weakest area that most schools are in is in the administrative control section, and that would be the policies and guidelines that kind of how we conduct business. I listen to that podcast you were talking about where you said you brought your laptop in and didn’t think anything about it. Well, the school may have had the school that you went to may have had a policy on that, but you weren’t aware of it. Right. If they did that comes in your administrative controls, your policies.

Right. That’s either in your acceptable use policy or that’s in your staff’s use of technology. Most people don’t think twice about bringing technology into a school. But, you know, I kind of liken it to you do you let someone into your neighbor’s house without asking them? You know, and it is a weak spot because you now have devices on your network that you’re not thinking about. But if things are set up properly, it’s not as we it just all comes down to that risk assessment. Right. It’s you find out where you are, where you are. The weakest is that you know when you were connecting where you’re connecting the guest. Why fire? Did you know the password to the main school’s Wi-Fi? You know, did you have unlimited access to the network?

Could you find servers? Those are all things that would play into that. It really does boil down to that level of risk that we’re able to accept because you’re never going to eliminate all that risk. You’re never going to be 100% secure. But if you want your teachers or your students to bring their own device as many schools do, then you have to figure out how can we put that together to do it? So that’s where the risk assessment comes in. So, right, that was the second thing we did. We knew we had to do something. We met our compliance piece then we said, we’ve got to do this risk assessment. There were a number of interview questions that covered everything from policies and procedures and how do we do it?

Talking about backup plans and even physical security, do you just let people walk in your building and, you know, your computer screens visible when someone’s walking by? Do people leave sensitive information on their desks or passwords underneath their keyboards? You know, all these kinds of things that especially we do in education, that you give someone a new password and that’s on a sticky note on their monitor. It’s a risk. But is it, you know, does someone have access to that room? You know, you have to weigh all those things in. And that’s where the risk assessment comes in. Good risk assessments. Well, they’ll measure all of those things and then they come back with the highest-impact items, right? Well, this is a major thing. You do have, you know, an open Wi-Fi.

Anyone can pull up to your building and get on your Wi-Fi and then they can access you know, they could do a scan and find your servers and you’re just opening the doors. The second part of that is defining what it is. You want to protect yourself as a school. You need to know what are the bad guys after, what data are they looking for, and what do you need to protect? Obviously, we think about that seriously when we know we need to protect our students from bad guys or even internal threats. We have all these, you know, gun safety and different things that we put into place physically in schools. But we need to have that same mentality digitally. Right. And so what are those highest priority items? And that’s where you know, where do you chew on that elephant first?

• Sean

So I assume we’re moving past just installing Norton Antivirus on computers now.

• Chris

Yeah. Yes, it’s well beyond that. Obviously, there are a ton of layers to it. And, you know, information security is it’s not as much about information or security as it is about people. It’s how we handle our practice day to day, you know, all the way from our board of directors down to the teacher or the custodian. We all have a part in that. We all have a responsibility in that they’re all different. Obviously, i.t is a huge part of that because we have to implement those measures. However, we’re going to protect our data. We have to implement those. But we also need to do it in a way that is not going to be inconvenient or cumbersome to our end users.

We want to make sure that we’ve decided as an organization what’s going to work for us, you know, just like I was saying. But are we going to let people put passwords on their sticky notes, on their monitor, maybe? I mean, if that’s that’s what it takes. That’s what we’ll do. I wouldn’t recommend it. But at the end of the day, it’s not the tech director’s job or, you know, the information security officer’s or whatever that role is. It’s not that person’s job to set those policies. It’s their job to make recommendations. And then as an organization, whether it’s a school or a business, then you decide what works for you. And again, it’s that it’s all a management of risk, but it definitely has been beyond the normal antivirus. Obviously, antivirus is a part of that, right?

Our networks aren’t used to just kind of protecting your own network. Right. At school, we have a firewall and we have an Internet filter kids can’t go often and get on malicious websites, but then kids start taking their devices home. And immediately schools were saying, well, we don’t have filtering at home for kids. Now, most schools do. Most schools, you know, if you take that device home, it’s got filtering. But a lot of times we forget to protect our staff devices. You know, we yeah, we have a firewall at work. And when our devices are here, they’re pretty protected and people can’t go to those malicious sites. You know, it will automatically detect if there’s unwanted activity on there.

But what happens at home, what happens when you are sitting in your home office and you connect that laptop and you go to some site that loads some piece of malware on there, you know, it’s so it’s that. And then knowing to write how your device might be infected, we have no idea. It does. It’s a big challenge for everybody, but especially schools, because that’s not our primary focus right now. Our primary focus is to teach kids under movement out into the world to be successful adults.

• Sean

Yeah, for sure. And you mentioned, you know, devices being taken out of the school and for still protecting those devices, making sure that there’s still controls on those devices when they are connected to the home network. But I think now there’s also something devices coming into the schools, whether or not the kids are provided with a Chromebook or a laptop or whatever. But you also have smartphones. You have watches that can connect to Wi-Fi. There are calculators that connect to Wi-Fi. So there are all these different devices. I mean, so does the security that you implement with that network, does it also meet the standards that those devices that can also connect to the network, you know, and potentially bring something bad into the school?

Does it work with those types of devices, too, are really just like computers?

• Chris

No, I think you have to think about all of those things. Right. It’s that Iot, the Internet of Things, right? The last report I saw said there was like 4 billion Iot devices in the world. It’s a large number and we always consider that our kids have at least two devices at school sign device and a phone. Right. As you said, most kids now the smartwatch, it’s either connecting to their phone or to the network. What we’ve done to kind of control that is we have a guest network. Obviously, we have people that come in, even subs that come into our school, all the time, guest speakers, whatever. Our guest network is completely isolated from our network.

It’s more like what you would get if you went to a Starbucks or McDonald’s and got on their Wi-Fi. Right. It’s just Internet access. It’s not going to give them the ability to print on our network. They could join their computer, their school computer to it, and they’ll be able to do all the things they could do on on the Internet. But they can’t do maybe some of those special things that they could just do on our network. We have to really control our network, the one that is the higher risk. Right. That has those crown jewels. It has our data that we don’t want people to get to because students are also at risk in school. Some students, they just want to be here.

Right. So they would rather disrupt service. They’re not motivated by money. They’re motivated by not wanting to take a state assessment. And they’ll do it’ll work day and night to try to figure out a way around the filter or to just sometimes cause headaches. Usually, when we have those students, I try to get those students to help me. I try to get those students in the tech department and working for us, get them on your side because they’re out there. They have the talent and they have more time to spend on it than we do.

• Sean

It’s amazing how much time kids will spend researching, taking things, and learning things to get out of researching things and learning things in school.

• Chris

Absolutely.

• Sean

While okay. So I mean, I guess he’s clearly been looking a lot into all of this. What was like one main thing you did to like bring someone locked down to the security at your district?

• Chris

I don’t know if necessarily down is the main thing. I can tell you it at least on in our school, our biggest or greatest weakness was that we were not able to detect when something bad was necessarily happening. So like like you said, you brought a computer in. We wouldn’t know whether you had connected that to our network or not, just something that would slip under the radar and not only connecting to our network, but other things. Right. We had a decent antivirus on our computers, but it didn’t really report back to like a central management tool where we could look and say, oh, look, over the past 12 months, we had, you know, this many viruses or, you know, we just were not aware of the threats that were even potentially open any of the vulnerabilities that were on our network.

So the first thing we had to do to kind of try to just get a handle on where we were at was figure out where we’re at. Right. We do have some vulnerability scans done, both external and internal, you know, and look and say, well, this is server 2008. This is probably something you shouldn’t have on your network anymore. You know what? Why have you not upgraded this? And, you know, it usually comes down to just a matter of time. It was really just a matter of figuring out where we were, where we wanted to go, and how we were going to get there. Right. And then, of course, how much it’s going to cost. That was the other thing is there’s just no budget set aside for this because we haven’t done it before.

And probably one of the most challenging things was getting our board and our administration to see the need. A lot of people are just like, I don’t we’re small, you know, we’re a small school in Wyoming. Why would we no one’s going to be attacking us. You know, they’re going after Los Angeles. They’re not going to be attacking us. And that’s not necessarily true. So it’s awareness and not only awareness of what we’ve got, but awareness in the sense that people need to be aware that they’re there is an issue and it needs to be addressed now. And you don’t have to do it perfectly, but you have to do something and figure out what are those highest impact items for your environment and work on it. And we do this at home, right? We do. I need to lock my door when I leave now. Maybe not today. Everyone’s, you know, and I don’t know about you, but everyone’s going through those decisions in their mind on every aspect of life. You know, I’m I need to cross the street. I go down to the light or just run across here.

That’s a risk assessment. We need to get in more in the practice and education of thinking about risk and impact on all of our decisions, especially when technology is growing as quickly as it is.

• Sean

And I think that’s a good point. You know, it’s one of those things where people look at a school. I mean, they’re in its very educational institute. They’re there to learn that this is what schools are for learning, learning, learning, learning, sports learning, learning, learning. But there is that aspect of, all right, well, we’re doing all this learning. We also have enrolled our students with their Social Security numbers and every other little bit of information. You probably linked some sort of account to their lunch cards. There’s so all these things that are saved within the network that if they are accessed even HIPA violations with any you know, health care kind of stuff for the student’s information, then it’s definitely something that you don’t want the public to get to school bigs, big schools or small schools, you know, you definitely need to protect.

And the whole point of the school is to protect the children, right? That’s to protect them and enrich them with information and send them out into the world and hopefully, they do good things.

• Chris

Yes, that’s exactly it. You know, and that’s a really good point is that parents trust schools, that they’re protecting their kids. And that was what I tried to convey to our board is that you know, these are some risks that we have. These are some things we need to address. And it’s going to strengthen that relationship we have with the community because the schools definitely impact almost everyone in the community. They need to know that we take it seriously and that we’re doing what we need to there. You know, they’re seeing the same things on the news that we’re seeing. You know, hey, my school was hacked. And, you know, as a parent, you’ve got to be wondering, what is my school doing to take care of that? And they’re just trusting that we are right.

And even beyond that, the administration in the school is trusting. The tech department is doing it. Tech department might not be doing anything, you know, in regards to that, I heard the analogy that it’s you know, it’s kind of the spare tire. You’ve got to have a backup plan. Someone goes on a ride with you and you get a flat tire. If you’re the driver. They assume that you have taken care of that, right? You made sure you had enough gas and that you’ve got a spare tire and it’s aired out and things are ready to go. That’s how schools treat technology. Is that the tech supposed to take care of that? And at times we falsely assume that that’s happening because it probably isn’t that, at least not to the extent that it needs to be. I just think there are a lot of questions that need to be asked. The boards need to be aware. I guess one of the main things that if anyone was to take anything away from this is in a school district who’s ultimately responsible if there there is a data breach if there’s a ransomware event or something happens, who’s responsible for that?

Is that the I.T. director? You know, if the incident happened at a high school, is it the principal of the high school? The reality is this the board, the top level, the Board of Education is ultimately responsible for whatever happens at the school, whether it’s a safety event, whether it’s a transportation accident that happened, or whether it’s a cyber event, the board is ultimately responsible. And that doesn’t mean that everyone doesn’t have some responsibilities. But the board is ultimately responsible and too many times someone is made the scapegoat. Writes The superintendent is let go or the tech directors let go because something happened. And that may not be the right answer. School boards need to be aware that there are things happening in their schools that probably aren’t getting the attention they need. And it’s probably not football.

• Sean

Yeah, and that’s the thing too, right? I mean it. And a lot of times, unfortunately, school boards are made up of a lot of people that never really were at the ground level in education system. So they may not understand why those things are important or how they could be breached or why this needs to be taken care of before it’s a problem. And it’s really at that point going in front of this, going in front of a board. I mean, you’re a salesperson for whatever cause it is that you’re bringing to the table and you got to sell them on it because they have to sign off on the budget.

• Chris

That’s right. Yep. Yeah. And educating them on that too. Right. The superintendent does it with education all the time. Right. We’re going to get this new tool. This is going to let us assess our students or whatever. They’re selling the board on that concept because like you said, you know, in our case, we’ve got ranchers and, you know, executive-level businessmen and different people that have ran for the school board. They’re obviously not getting paid for it. They just usually have kids in the school. They have an interest in it. They want to make sure that we’re represented well with our sports teams and that, you know, we have a good name in our community and are preparing our kids, especially my kids. If it’s my kids, you know, but there’s a lot to it.

And yeah, it has to be really condensed and boiled down at a level that they can understand. Right? Because I would never talk to a board member about what we’re doing, you know, how we’re connecting our computers. And, you know, this there’s just not there’s technical it’s beyond what they want to hear. And it’s really easy for a technology person to start rattling off some acronyms and mumbo jumbo that make people have that glazed-over look, you know, like a deer in the headlights. That’s I think one of the strengths that I have been blessed with in my life, is that I have the ability to kind of interface both. I’m kind of the liaison between the natural speaker and the educator and the technology people. So I can go in between. I can take those concepts back and say, Boil it down to this is the main thing I want you to understand without all the details in there.

And I know in the fetal preparation, that was one of the things that they really talked about. You know, we talked earlier about large and small organizations communication for a chief technology officer is such a key component. Being able to be personable and likable and being able to talk to a teacher or a board member or a community member. And it’s not always in a school setting. You know, people catch you in the grocery store. Look at you the different functions and being able to represent your school well and convey those ideas and the theories and things that you’re working on. It’s such a key component.

• Sean

It’s no small task. I mean, am I wrong, Chris?

• Chris

Think it’s definitely not a small task. It’s a hard job. It but it’s rewarding at the same time. You know, I think having those relationships and feeling like at the end of the day that you are making a difference, you know, that people value your position, they value what you’re doing and that you’re, you know, you have their best interests in mind. It’s different than working in the corporate world. When I worked at Hewlett Packard, I didn’t really particularly care about our mission, you know, as a whole. I was just there to get a paycheck moving an education. It was very different. I remember having a conversation with my dad early on in my career and he said, Man, you’re putting in a lot of hours.

I hope they’re paying you overtime. I said, No, no overtime. No overtime in education. And he said I would do it. I just go home. And I said, Well, there’s a difference. We’re not producing widgets, we’re producing children. And I think that’s why we’re in education. That’s why we’re doing what we do not again, like I said before, it’s not for the money. Not that I don’t make a good living. I do. And I’ve been very blessed to be, you know, put in the position I’m in. But I could make more in the public sector and just may not be as rewarding.

• Sean

Well, absolutely. And you’ll talk to anyone that’s in any type of education that no one. Okay. I can’t say no one. But I would say 99% of the people that work in the education field knew going into it they were not going to retire. And I’m mega-yacht down in Miami. You know, it’s just not in the cards. But that’s not why you get involved with education. Like you said, it’s 100% for the students.

• Chris

Yeah. And like I said, you know, if I could go back and talk to my younger me and say while I was in school if I had told my young self that I was going to be working at a school, there is no way I would have believed myself because it just didn’t value education. Like I said, I loved learning, but I did not value education. And that’s one of the things I really try to bring into focus with any of the students that I interact with is that you know what, you’re going through today is not the reality of what you’re going to have for the rest of your life. And you need to make the most of every situation that you’re in right now.

Learn what you can everything you have is a learning opportunity. And just to let them know that you know, I was kind of in your shoes. I was not a good student. I barely graduated, you know, and now I’m working at a school. Don’t let, you know a low A.C.T. or an SAT score. Define your life. That’s not who you are. Who you are is who you are. Not your test score, not the grades you’ve got in school. You know, it’s hard to convey that to some kids. And that’s where I would say I try to capture those kids that seem like they have that tech aptitude because those are the ones that are bored right there.

They’re sitting in algebra class and they’re not wanting to learn how to do a quadratic equation. They’re wanting to learn how to bypass the filter so they can go play, you know, some snake game or something. And if I can get them and just impress upon them that, hey, make it through, you’ve got to get through high school. And you know, if people are not dying of teachers are saying you’re not going to amount to anything, don’t believe them because that’s just not where you are.

• Sean

Yeah, absolutely. And you know, hey, find the kids that find the holes, and then get those kids to fill the holes and no more holes.

• Chris

Yeah. And it’s you know, it’s amazing. You would think that those kids would be very anti-authority. And maybe I don’t come off as an authority figure to them when I talk to them. But more times than not, I can just ask them a simple question Do people know the wireless password and they’re immediately there? So eager to help, even if they’re ratting out their buddy that sitting next to them, you know, that it’s kind of surprising, you know, and like I said, maybe it’s because they don’t see me as an authority figure. Maybe they wouldn’t answer that way to a principal or to a superintendent. But if it’s the tech guy talking to them, maybe it’s that connection that builds it together and yeah, it makes it a lot of fun.

• Sean

Well, Chris, you’ve used words like fun and passion, you know, continuing learning new things. Clearly, you need all of those attributes to be in a position you’re in and be successful at it. So I think the district is in very good hands with you there. But I do want to give you some time real quick to plug any social media if you’re on LinkedIn or if you have any recordings for yourself or any articles you’ve written where we can find those, go ahead and let us know and let the listeners know and hopefully we’ll get you some connections and you can talk to new people.

• Chris

And does that work? I’m pretty, pretty strong on LinkedIn. You can find me there. On almost all social media. You can find me on Mastodon, Twitter, LinkedIn, Facebook, and all the social media platforms. Not Tik Tok. Sorry, but I am on, on all the other social media platforms, just as I are usually I do write a lot of articles on I shouldn’t say a lot.

I’ve written some articles on LinkedIn. They’re all educationally focused, everything from why the schools need Internet filtering, to what’s the purpose? How do we best handle that? I’m focusing like, I said more now on cybersecurity, working on some articles about what where do we start, what’s the best way, and where do we move forward? And I’m more than willing to help people. I try to connect with people all the time that are in my seat in education, small schools, and big schools do anything I can to help, as you know, time permitting, of course. But we’re all fighting the same battle. And just in everything, I should say, we’re fighting the same war on different battlefields. And just because we’re in little Wyoming, rural Wyoming, doesn’t mean we wouldn’t have something of value.

I’m more than happy to help. I’m always encouraging our peers. Wyoming is a tough state to crack. We’re very independent here and trying to get other even other tech directors to ask for help is challenging. I think back East it’s more of you know, it’s more of a conglomerate. It’s a community where people are they’re reaching out and asking for help. Wyoming, Montana, and Colorado is not so much the pioneer spirit. You know, I want to help you out. And it’s like people don’t trust you. I don’t believe you. I’ll do it myself, you know, I’ll figure it out. I don’t need you to plow my field for me. I can do that myself. I’m not going to use your horse work. There’s no sense in reinventing the wheel. And I always try to reach out if I have a question or a problem. And I encourage anyone to do that with me as well.

• Sean

Yeah, absolutely. Always, always ask for help. Two heads are better than one. You know.

• Chris

That’s right. And I am a certified VC, which is a virtual chief information security officer. I that was going down that path of cybersecurity. I am more than willing to try to help schools down that path. As I said, you know, it’s just a matter of where do we get started. I, I can point you in the direction of some tools to use free resources, and paid resources, all of which I’m all about free education. It’s, it’s hard to find the funding. So I have a lot of resources in my utility belt to pull out and let you use.

• Sean

Well, that sounds great. Chris, thank you so much for coming again and joining us for a K-12 tech podcast. It has been an absolute pleasure to all of our listeners. Please like and subscribe if you would like to be a guest on our next podcast or if you have a topic of interest you’d like to request, please visit our website at K12.

That’s https://www.k12techrepairs.com/podcasts/ and reach out. And we’d love to hear from you. Thanks for listening, Chris. Thank you again for joining us. It was a great conversation. It was awesome. Hope to talk to you again soon.