In episode 184 of Cybersecurity Where You Are, Sean Atkinson sits down with Brock Boggs, Director of Technology at Cityscape Schools and Multi-State Information Sharing and Analysis Center® (MS-ISAC®) member. Together, they discuss how Brock approaches cybersecurity policy development as a journey at his school.

Here are some highlights from our episode:

• 01:21. Brock's first attempt at drafting an IT security policy manual
• 04:17. Fact or fiction? How the best "written" security program doesn't always translate
• 06:35. A starting policy landscape of creating baselines for cybersecurity, ticketing, and more
• 08:40. How Brock learned about a roadmap for his school at ISAC Annual Meeting 2023
• 11:07. Lean and to the point: The second draft of Brock's IT security policy manual
• 12:37. The use of Center for Internet Security® (CIS®) policy templates to write procedures
• 19:34. How Brock used regular updates about his policy manual to secure stakeholder buy-in
• 28:42. Openness, willingness to fail, and adaptability as strengths of the community
• 31:49. Approaching cybersecurity policy development as an ever-changing journey

Resources

• CIS Critical Security Controls®
• Policy Templates
• Formalizing K-12 Cybersecurity Policies in Less Time
• Episode 163: K-12 Cybersecurity Made Practical
• Episode 176: A Cybersecurity Journey of Incremental Wins
• Guide to Implementation Groups (IG): CIS Critical Security Controls v8.1
• CIS SecureSuite® Membership

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.