Update: I wrote a blog that was published back on March 30, 2017, entitled Cyber Education: Why Not Start Early? My point was how shocked and disappointed I was that there was no cybersecurity program in the Anne Arundel County Public School System here in Maryland.
Anne Arundel County is the cybersecurity capital of the free world. It is home to the National Security Agency (NSA), U.S. Cyber Command (USCYBERCOM), Defense Information Systems Agency (DISA), the DOD Cyber Crime Center (DC3), the Naval Academy, and literally hundreds of government contractors employing tens of thousands of employees to support these agencies.
Back on June 1st, I received an email from the Deputy Superintendent of the Anne Arundel County Public Schools asking me to meet her for lunch with the Chair of the Education Committee of the Ft. Meade Alliance. They wanted to discuss my blog. I was pleasantly surprised that someone had actually read what I had written. Didn’t happen much when I was in the government.
Then I had an uneasy feeling since I coach baseball for Meade High School in AAC, and I began wondering if they were going to fire me. I thought this meeting could either be very good or very bad. I eagerly accepted the invitation and coordinated on a date two weeks in the future.
I met the two ladies at a local restaurant and we exchanged pleasantries. Then I asked if I was being fired. They both chuckled. The Deputy Superintendent gave me the background for calling the meeting: someone from the Anne Arundel Economic Development Corporation had contacted her office regarding my blog. She then started to list everything the Anne Arundel County Public Schools was doing related to cybersecurity.
When she finished, I respectfully told them that there was obviously a major disconnect between what they thought was going on and the reality of what was really going on at the school level. I informed her that I had been working directly with three different high schools in the county for 12 years, trying to create programs to no avail, and that as recently as May of this year, I had discussed possibilities with the principal and faculty of one school and offered my suggestions and availability to help. I never heard back from them. I gave them several other specific examples. They looked at one another and just shook their heads.
I was told they weren’t surprised. The Deputy Superintendent said the roadblock was the teacher’s union. They refused to take on anything new without additional compensation. She said they have to deal with this all the time.
They both agreed that cybersecurity should be introduced to the public school systems and they asked if they could have some time to put together a plan. They would get back to me in three weeks. I was excited.
Meanwhile, the U.S. (and our companies) continued to be a piñata for cyber attacks from all over the world. I was finally contacted and asked to attend a meeting at the Central Office on September 25th.
Their proposal was for me to look at the curriculum of 3 of the 12 county high schools and find spots where cyber might be relevant; they would then coordinate with that school to provide an invitation for me to come in and talk to teachers, students, and school administrators. They were quick to point out that this would be as a volunteer and that they couldn’t pay me unless I had a bachelor’s degree in education.
I reminded them that I already volunteer about 30-36 hours a week in the spring to coach the JV baseball team, volunteer as coach for their summer and fall teams, run workout and weight training sessions 2 afternoons a week during the winter, and that I also pay for field and team equipment that the county doesn’t provide. They said “thanks.”
So we have at least broken inertia. They have decided to crawl before walking, and will hopefully eventually move to running. It’s a start.
Now I need other parents, college kids, private sector companies, and federal government officials in this area to volunteer with me to help jump start a cybersecurity program in the county’s public schools. Either that or come help me prep the baseball fields every evening.
Obviously if you’re reading this blog, you are the choir. I urge you to see what is going on related to cybersecurity in your local school system, and maybe volunteer to help them, too.
Jim Christy is VP of Investigations and Digital Forensics at Cymmetria. Jim retired from the U.S. government in 2013, ending a career investigating computer crimes and running digital forensics labs that began in 1986 at the Air Force Office of Special Investigations.
Jim can be reached by email at email@example.com
Connect with Jim on Twitter: @jimchristyusdfc