About Us
About Us
What is the NCNE?
The NCNE is the final product in a series of other attempts to address the issues of cybersecurity in a collective manner. The NCNE was formally created by a signed interlocal agreement in January of 2023 by ten ESUs who all shared a common vision of reducing cyber risk and enhancing cyber resilience for their school districts.
History and Timeline of the NCNE
- Fall of 2021
- Burke Brown of District OR-1 in Palmyra and Gary Needham of ESU 9 pursued an idea of leveraging Network Nebraska as a location of cybersecurity services for K-12.
- Despite their efforts, it was determined that Network Nebraska would not be able to support a cybersecurity effort.
- Spring of 2022
- Without the knowledge of the efforts the previous fall, Andy Boell of the Northeast Nebraska Network Consortium had an idea of how to approach the cybersecurity needs for all schools within Nebraska.
- The plan required one person at the state level and six geographically located individuals across the state.
- Example breakdowns suggested were:
- OPS / ESU 19
- LPS / ESU 18
- ESU 3
- NNNC / ESUs 1, 2, 7, 8 17
- ESU 4, 5, 6, 9, 11
- ESU 10, 13, 15, 16
- Geographic positions would be the responsibilities of the ESU/ESUs.
- State level position would be a shared cost by all ESUs.
- This concept was presented to the Educational Service Unit Coordinating Council's Information Services Committee in April of 2022. Feedback was shared and an invitation to present in May was extended.
- The concept was presented to the Educational Service Unit Coordinating Council Board in May of 2022. The goal was seek approval of a state level cybersecurity position to assist all schools. No action was taken at this meeting.
- Summer 2022
- The K-20 Cybersecurity Task Force was created
- Goal is to create a team who can advise and communicate about cybersecurity from an education-only perspective.
- Voting members include:
- K-12 Members
- ESU representative
- ESUCC representative
- NATA Member representative
- NETA Tech Coordinator representative
- Private K-12 school representative
- Postsecondary Members
- Public university representative
- State college system representative
- Community college representative
- Independent college representative
- Tribal college representative
- K-12 Members
- Non-voting Participants include:
- Federal Bureau of Investigation (FBI)
- Cybersecurity Information Security Agency (CISA)
- Nebraska State Patrol (NSP)
- State of Nebraska Office of the Chief Information Officer (OCIO)
- Nebraska Department of Education (NDE)
- Network Nebraska
- ALICAP
- Public/At Large
- The K-20 Cybersecurity Task Force was created
- Fall of 2022
- With the success of the K-20 Cybersecurity Task Force, a number of conversations followed, and the Nebraska Cybersecurity Network for Education concept was born.
- The NCNE was modeled after:
- The NNNC's structure, which included an interlocal agreement that was open to any ESU to participate.
- The state level position that was originally proposed to the ESUCC in May of 2022
- The NCNE was modeled after:
- With the success of the K-20 Cybersecurity Task Force, a number of conversations followed, and the Nebraska Cybersecurity Network for Education concept was born.
- January 2023
- Charter member ESUs include:
- ESU 1, Wakefield
- ESU 2, Fremont
- ESU 3, La Vista
- ESU 7, Columbus
- ESU 8, Neligh
- ESU 10, Kearney
- ESU 13, Scottsbluff
- ESU 15, Trenton
- ESU 16, Ogallala
- ESU 17, Ainsworth
- Charter member ESUs include:
- April 2023
- The NCNE submitted a proposal to the Nebraska State and Local Cybersecurity Grant (SLCG)
- August 2023
- The NCNE proposal was selected to move forward in the SLCG selection process
- November 2023
- The NCNE voted to appoint Andy Boell as the Cybersecurity Director
- December 2023
- The NCNE received the Grant Award Notification and is eligible for reimbursement of grant funds
- March 2024
- The NCNE hired Rance Hall as the Cybersecurity Trainer
- The NCNE hired Sterling Reeves as the Cybersecurity Network Engineer
Vision and Purpose of the NCNE
- Given the complexity of adequate cybersecurity planning, management, implementation and staying current with both threats and tools/techniques, the NCN aims to concentrate the key and core concepts with an education-centric focus.
- While every school district is inherently unique, the key and core cybersecurity concepts are very similar.
- Many of the foundational concepts can be trimmed to fit the needs of our schools and replicated to become a customizable template applicable to all members.
- Tools and services can be applied to multiple schools, leveraging group or bulk discounts.
State and Local Cybersecurity Grant
The NCNE has applied for the Nebraska State and Local Cybersecurity Grant in April 2023. This grant created a team of three cybersecurity specialists for a period up to two years. Highlights of the grant include:
-
The project budget is $964,529
-
The grant funds requested are $812,976
-
Cybersecurity Director Responsibilities
- Identify ESUs’ and school districts’ network assets, inventories, gather data flows, projects tasks, detection capabilities
- Develop and coordinate cybersecurity organizational policies, tools, and word procedures with internal and external stakeholders
- Develop and coordinate best proactive practices, communications, off-site storage, hardware, software, and recovery plans
- Interview and select Network Engineer and Training Coordinator
- Develop and implement individual projects that focus on identification and detection capabilities
- Establish cybersecurity organizational policies
- Begin development of cyber incident response framework and disaster recovery plans within ESUs and schools
- Projects to implement taxonomy of data and identify, improve, enhance measures to protect sensitive data
-
Network Engineer Responsibilities
- Develop network templates, maps, backups, and restoration capabilities
- Conduct cyber risk assessments, vulnerability scans, penetration tests to identify vulnerabilities
- Coordinate and supervise tabletop exercises to assess access controls and plans
- Test configuration of devices, security controls, and vulnerabilities of organizational assets
- Assist ESUs and schools with network maps and data flows
- Apply lessons learned from prior year assessments to conduct risk and cyber risk assessments
- Coordinate and supervise (in conjunction with Training Coordinator) tabletop exercises to test plans
-
Training Coordinator Responsibilities
- Develop custom training material pertinent to the K-12 environment to supplement current training efforts
- Conduct security awareness, best practices, and facilitate tabletop exercises
- Individual organizations’ projects that focus on best practices
- Conduct (with support and supervision of Network Engineer) tabletop exercises