Board approves purchase of cybersecurity monitoring software after district breach

Santa Fe ISD trustees voted Sept. 15 to approve the purchase of additional cybersecurity monitoring and response software after staff described a recent cyber incident that affected district systems.

Mr. Sanchez, speaking for district technology staff, said the proposed package adds AI-driven background monitoring to detect anomalous activity, reduce downtime after an incident and enable a dedicated vendor recovery team to assist with data recovery and incident response. Sanchez said the software does not host district data on the vendor’s servers; rather, it analyzes traffic patterns to detect outliers and isolates suspicious activity. He described the software’s ability to limit downtime by helping recover encrypted data and to act automatically in some cases to isolate threats.

Board members asked whether the software would have prevented the district’s recent incident; Sanchez said it likely would have reduced downtime and aided recovery but declined to offer a complete guarantee. He said the district has already implemented a number of recommendations — multifactor authentication, password rotation, CrowdStrike across devices, tightened firewall and VPN rules — and that the new software would supplement those measures.

A motion to approve the purchase of the cybersecurity software (vendor name not specified in the record) “in the amount not to exceed $37,730” was moved and seconded; the board voted to approve the purchase. The meeting record contains two similar dollar figures expressed earlier in the presentation ($37,007 and $37,730); the motion recorded on the agenda and read aloud at the time of the vote stated “not to exceed $37,730.”

District staff said the vendor would provide an incident-response team to support recovery at no additional cost in an event covered by the agreement, and that the monitoring service uses pattern analysis rather than hosting district data on the vendor’s servers.