K-12 cybersecurity is often reactive, triggered only after an alarm sounds. But what if you could build defenses that prevent the alarm from ever going off? This session explores how Governance, Risk, and Compliance (GRC) frameworks provide a proactive layer to your existing security posture. Using the "cybersecurity onion" model, participants will learn to build resilient, multi-layered systems that protect networks, data, and users. Attendees will leave with practical tools aligned with CIS Controls and the NIST Cybersecurity Framework to strengthen their district’s posture through thoughtful governance and risk management. Additional Information This session bridges the gap between technical security and executive leadership by leveraging my experience as a technology leader to provide a roadmap for institutional resilience. Drawing on my background as a CISSP and CCRE, I provide participants with actionable strategies that align directly with national security standards and frameworks. Attendees will gain the governance, risk, and compliance (GRC) tools necessary to transform their district's security posture from a reactive state to a documented proactive, multi-layered defense system. Essential Skill Strategic Planning; Ethics & Policies; Data Privacy & Security; Team Building & Staffing
