Temple ISD reviews cybersecurity initiative; staff report layered defenses and areas to strengthen

Mr. Wallace, the district’s cybersecurity lead, briefed the board on the district’s layered cybersecurity program and recent audit findings. He said the program combines 24/7 managed detection (Cisco Talos), cloud and Microsoft protection (Gradient Cyber), multifactor authentication (Cisco Duo), network device control (ICE), endpoint protection (AMP), and internet-layer filtering (Cisco Umbrella).

Wallace gave several operational metrics for Jan–Oct 2025: about 121 high-level Cisco Talos reports and four high-priority incidents the team treated; Gradient Cyber reported roughly 451 cloud-related events; Duo multifactor is deployed for about 1,380 users with about 9,000 authentications in the past 180 days and about 800 denials; and AMP is installed on about 1,245 staff devices and has scanned tens of millions of files. Wallace said these tools feed into Cisco Talos so analysts can remediate threats, often within minutes.

He summarized audit recommendations that the district is addressing: adopt a least-privilege access model, strengthen password policies, review and remove stale user and group accounts, secure high-trust systems (for example, Skyward) with dedicated controls, set clear retention policies for cloud data and backups, and finalize an incident-response plan that assigns roles and communications responsibilities.

Trustees asked whether non-computer networked devices (cameras, HVAC controls) had been targeted. Wallace said there had been attempts but "none successful," and confirmed the district will review device access policies and cloud backups to reduce exposure.

What’s next: IT will proceed with account cleanups, password-policy updates, incident-response planning, and backup strategy changes and will report progress to the board.