Citizen Portal
Sign In

ETHS trustees hear district cybersecurity update as PowerSchool breach looms in sector

2904121 · April 9, 2025

Get AI-powered insights, summaries, and transcripts

Sign Up Free
AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

District technology leaders presented a layered cybersecurity defense review, described email/phishing controls and backup strategies, and outlined a breach response plan; board members asked about student device access and reporting suspicious emails.

Evanston Township High School technology leaders told the Board of Education on April 7 that the district has built multiple defensive layers to protect student and staff data, and described steps it would take if a breach occurred.

The report centered on why school systems are frequent targets and on specific measures ETHS uses, including email filtering and quarantine, multi-factor authentication for staff, internal device monitoring and quarterly patching, network segmentation, and regular backups stored both locally and in Amazon Web Services. "We want to be target rich and cyber strong," Mike Corcoran, chief technology officer, told the board.

The presentation noted trends in the education sector, including a rise in ransomware and phishing attacks and recent high-profile incidents affecting vendors. "Phishing is the number-one way that hackers are getting into people's networks," Jeff Oldhouse, network services manager, said. Oldhouse described simulated phishing campaigns the district runs, and reported ETHS’s recent click-through rate on those tests is materially below the industry average for K–12 systems.

Speakers listed technical controls the district uses: Google email scanning and quarantine, geofencing on the firewall to block traffic from high-risk regions, intrusion detection and prevention, content filtering tied to the firewall to meet CIPA (the federal Child Internet Protection Act) requirements, encrypted backups with biannual test restores, and multi-factor authentication for staff accounts. Corcoran said the district engages third-party consultants for assessments and plans a penetration test this summer.

Board members asked how students’ personal devices are handled and how staff should report suspicious messages. Corcoran and Oldhouse said the district issues devices to students and prefers those devices for school work; staff can report suspicious emails using Google’s reporting button and the IT team will quarantine or block malicious content. "If you forward it to us, we're on it," Oldhouse said when asked about reporting.

The presentation closed with next steps: continued professional development, security assessments with an external firm, outreach with the vendor community (including PowerSchool user groups), and monitoring AI-driven threats and defenses. Corcoran said the district maintains cyber insurance and would assemble a cross‑functional response team, including legal counsel, if a breach occurred.

Board member remarks during Q&A noted the topic’s seriousness and thanked the technology staff for their work and responsiveness.

The district did not report an active breach affecting ETHS during the April 7 meeting; presenters said they are monitoring vendor incidents and hardening the district’s systems accordingly.