Cyber Threat Response Team

 

No school district should feel alone when facing a cyber attack.

black logo in the shape of Arkansas with a circuitboard pattern that says P-12 Cyber Threat Response Team


Arkansas' P-12 Cyber Threat Response Team represents a collaborative effort among Arkansas Cooperative Technology Coordinators and the Arkansas Division of Information Systems (DIS). The Cyber Threat Response Team is a small group of IT professionals who are willing and ready to provide onsite support, at no cost to the district, whenever an Arkansas school district is faced with a cyber threat. Information collected through the P-12 Cyber Threat Response Team will only be used to inform and protect Arkansas school districts.



Report a Cyber Incident

During the 2021 Regular Session, the Arkansas General Assembly enacted Act 260, which requires a public entity, or contractual provider of a public entity, to disclose in writing an initial report of the known facts of a security incident to the Legislative Auditor within five (5) business days after learning of the incident. Additionally, the public entity shall provide regular updates regarding the status of the incident. A report, update, notification, or list created or maintained under this law is exempt from FOIA as a security function under Ark. Code Ann. §25-19-105(b)(11).

If a cyber incident has occurred in your district, please visit https://www.arklegaudit.gov for further instructions.

What are the team's goals?

  1. Ensure districts know they are not alone when faced with a cyber threat.
  2. Increase communication between districts, co-ops, DESE, and DIS when a district is under attack.
  3. Build statewide capacity in handling and responding to cyber threats.

When should a school district communicate a cyber threat?

School districts should communicate with their DIS Field Technician or Co-op Technology Coordinator any time they are experiencing a cyber attack (regardless if onsite support is needed). It is important that we all communicate to better protect one another.

How can a school district activate onsite support?

Any school district facing a cyber threat can activate the Cyber Threat Response Team by contacting their local DIS Field Technician or Co-op Technology Coordinator. Upon request, the Cyber Threat Response Team will send our Cyber Threat First Responders to help isolate the incident, assess the situation, recover network/data/systems when possible, and implement prevention strategies.

How should a school, district, or technology administrator respond when machines involve explicit images of children? 

It is possible that a technician may come across questionable content when investigating an incident on a computer, network, mobile device, cloud storage, etc. When the investigation uncovers content that includes explicit images of a minor, there are specific requirements that should be followed. 

  1. Stop independent investigation.
  2. Make a report on the Arkansas Child Abuse Hotline at 800-482-5964 when a known minor is involved. 
  3. Notify district leadership.
  4. Notify local law enforcement.
  5. Contact Arkansas State Police at 501-618-8000. 

All school employees are mandated reporters for child maltreatment by law (§12-18-402). Anyone who observes or suspects child maltreatment must report it to the Child Abuse Hotline. Child maltreatment is defined by law (§12-18-103) as abuse, sexual abuse, neglect, sexual exploitation, or abandonment. These offenses are further defined in the law. Incidents involving sexting, sextortion, and child pornography involving someone you know could qualify as reportable events. If possible, have the child’s name, address, alleged offender’s name and address, and details about the maltreatment. If you wish, you can remain anonymous, but it is always helpful to provide your contact information in case more information is needed later.

It is important not to move, delete, transfer, or physically share explicit images during an investigation unless requested by law enforcement. Every device and person involved in the storage or distribution of these images becomes an active component in the investigation.

 

 

For more information, please contact:
Evan Patrick, Technology Coordinator
Director of Arkansas' Cyber Threat Response Team
Southeast Arkansas Education Service Cooperative
Phone: 870-367-6848
Email: Evan.Patrick@searkcoop.com

Alan Floyd, Technology Coordinator
Associate Director of Arkansas' Cyber Threat Response Team
Northcentral Arkansas Education Service Cooperative
Phone: 870-368-7955
Email: Alan.Floyd@northcentralcoop.org

 Related Files

 Related Links