SLCGP Bulletin - April 2025

SLCGP-funded training course offerings have been expanded - Again!

You asked.  We listened.  After the most recent NH IT Council meeting, Brian Rae, the Information Systems Director for Goffstown, told me about the amount of time he spends just answering town employees “how to” questions about the standard software products they use every day (Mail, Word Processing, Spreadsheets, etc.). This absorbs a disproportionate amount of the team’s time.

We quickly concurred that he and his team were not unique, and every hour the team spent on “how do I…” type questions then patching, security updates, and cyber hygiene actions had to be put off.  After thinking of this for 15 seconds, the answer was obvious – End-User training to create the outcome of freeing up IT and Security Staff to devote more time to securing systems and executing third party risk management! 

Therefore, today we are pleased to announce the availability of End-User Productivity Training subscriptions!  To find out what’s included in these subscriptions, go to the SLCGP Course Listing and click on the End User Productivity Links. Then get every one of your State, Municipal, and K12 Employees a subscription simply by having them fill out this Training Request Form.

Thanks for all you do for New Hampshire every Day!

FFY 2024 Funding Update:

Why K12 Cybersecurity in a Box?

Background and Scope of the Problem:

• In 2024, Primex received 75 Cyber Claims from the membership
• 60% (45 of 75) of the Cyber Claims were submitted by K12 Members (Districts or SAUs)
• 6% (3 of 45) of the K12 Cyber Claims were RANSOMWARE
• 51% (23 of 45) of the K12 Cyber Claims were Financial Fraud
• 20% (9 of 45) of the K12 Cyber Claims were Business Email Compromise
• 33% (15 of 45) of the K12 Cyber Claims were “Precursor” attacks such as Credential Compromise Malware or Phishing Email Clicks

So what?  They can just have a “Snow Day.”

• The Three K12 Cyber Claims for RANSOMWARE caused:
  
  • Significant monetary impact for the effected district/system.
    
    • Cost of System rebuilds – complete burn it down and re-image user systems, domain controllers, and servers.
    • Incident Response took MONTHS of effort to accomplish this and thousands of billable hours.
    • That data is GONE and has a long shelf life for criminals to use due to age of victims!
• Significant disruption (months) to the district financial system(s).
  
  • Recreating payroll from PAPER for example.
  • Trying to remember who all the employees were so everyone got paid.
  • Checks?  Where are our checks?  Can we even print them?  Nope.  Type them.  Where is a working typewriter?
• Significant risk to Students
  
  • Education Process:  Lesson Plans, Lesson materials, Texts, etc. were not available
  • School still had to be open!
  • Student Safety – for some students, school is the safest place they will be all day
  • Free / Reduced Cost Breakfast and Lunch requirements for basic nutrition
• The 23 K12 Cyber Claims that were Financial Fraud caused:
  
  • Fraudulent ACH transfers (direct deposit) of paychecks from payroll systems.
    
    • Usually one pay period, but in the summer months, two pay periods was not uncommon.
  • Fraudulent payments to Contractors

Expected Outcomes of the K12 Cybersecurity in a Box Program:

• Ensure Continuity of the NH K12 Education Process for Administrators, Educators, and Students by preventing RANSOMWARE Attacks and Data Breaches of NH K12.
• Improve the NH K12 Human Intrusion Prevention Systems to reduce Effectiveness of Precursor Attacks.
• Improve the Cyber Hygiene of NH K12 Networks and Systems to prevent Business Email Compromises – Especially those that result in Financial Fraud.

Ken Weeks

Chief Information Security Officer