Ken Brown – Frontline Education

EBay, Equifax, JPMorgan Chase: all have suffered massive data breaches, resulting in millions of stolen records—and identities. Among such giants, health care and finance companies have become particularly vulnerable, with data and dollars being compromised by evermore sophisticated hackers.

For the typical school district technology leaders, such ills might feel a world away. After all, what could hackers possibly want with terabytes of test scores and classroom curricula?

If that’s your thought process, Ken Brown would like a word.

“We’re seeing an increasing number of breaches in the education space, because the underlying data is far more valuable than people think,” says Brown, chief information security officer for software solutions company Frontline Education. “People will pay a premium for information from a minor.”

Soft targets

The reason is strikingly simple: If a fourth grader has her name and social security number stolen, it might take years before the breach is discovered—perhaps upon submitting that first student loan or credit card application. By then, a hacker might’ve opened dozens of accounts, causing irreparable damage to the victim’s credit score, and her reputation.

Having supplied enterprise software solutions to hundreds of school districts throughout the country—systems and software designed to improve everything from school district budgeting and payroll to teacher workflow—Frontline’s ability to protect the underlying data has become an essential part of its service, Brown says. Indeed, it’s been his frenzied focus since joining Frontline in 2016, following more than 20 years in industries ranging from finance to health care.

“Our philosophy has been, we’re not aiming for a pure perimeter defense model,” Brown explains. “This isn’t about just building up the castle walls. It’s about knowing where the data is and emphasizing endpoint detection and response (EDR).”

Rather than focus on basic virus detection, Brown instead made EDR the crux of his strategy. Using technology provided by Carbon Black, he began by keeping 30-day logs of every Frontline Education server—all 11,000 of them. When abnormal activity was spotted, a team would search for similar signs and signals, and quarantine the threats.

He also made use of Carbon Black’s community forums, which allow organizations to post information relating to attempted breaches, giving companies like Frontline a leg up on growing threats, say a new kind of email phishing campaign.

War games

Brown and his team also conducted extensive hacker-hunting simulations. Working with Synopsys, an integrated systems design company specializing in software security, Frontline would pit a team of internal staff against peers posing as hackers, to better understand ever-evolving attacks.

“Whatever applications Frontline uses, whether they’re critical from a business standpoint or those being used by third parties, we find the vulnerabilities,” explains Harshad Janorkar, managing consultant for Synopsys. “We supplement their team to introduce them to as many scenarios as possible. It’s about helping protect a company’s assets while also encouraging teambuilding.”

Despite Frontline’s improved diligence, “false positives” are quite common: spotting the broader contours of a threat, only to discover, after much time and worry, that it was all for naught.

In time, Brown hopes to leverage artificial intelligence and machine learning to make the threat-hunting process more efficient. In the meantime, the more data Frontline collects about false positives, the more coders can devise ways of identifying them more quickly, allowing them to devote more resources to safeguarding the company’s rapidly growing data stores.

“We’ve moved beyond the dynamic of, ‘If we see X, then we do Y,’” Brown explains. “Our approach is much more nuanced than that. We’re trying to not just keep up with threats, but get ahead of them.”

In IT together

Making that leap, Brown says, requires a redoubled commitment to collaboration, both within the organization and with Frontline’s growing roster of partners.

Information security can often be seen as an “add-on” to tech-development efforts; whenever a new product is developed, the security team is left playing catchup. Brown and Frontline’s software architects and engineers are working together to “bake security into the process” of product development: coding security checkpoints and guardrails to maximize the application’s protection.

“We’ve become a lot better about viewing the product lifecycle and pipeline as a living thing,” Brown explains. “So the capabilities we’d normally get through scanning or penetration testing, we’re starting to build directly into the code.”

Frontline is even exploring ways to extend their cybersecurity capabilities into a professional services offering. What began with a short series of webinars and podcasts—wherein Brown would invite customers to talk about their experience tackling security issues—has the potential to become a consulting service.

As school districts across the country look to leverage back-end technology in improving process efficiency, teachers are being freed up to practice their craft.

“Education is at a tipping point with technology, where it’s become the low-hanging fruit for people in our space,” Brown says. “There’s a real opportunity to be a leader in security and data privacy, but we can only do that if we continue to treat cybersecurity in the education space like the critical issue it is.”