Superior Security Solutions For Your Learning Institution

We are a team of talented cybersecurity professionals Securing The Future of Education.

Our History and Story

SecuredEDU is a premier veteran-owned and operated information security firm providing cybersecurity-focused services since 2005.

The SecuredEDU firm began primarily out of necessity as a computer forensics firm at the birth of the professional criminal hacker era. SecuredEDU leadership noted the unreported and often unnoticed intrusions into our country's educational sector. Additionally, it had been shown that the academic sector was grossly underserviced and left to fend for itself, often due to traditional IT companies' inability to address their cybersecurity needs adequately.

SecuredEDU's leadership knows that though government agencies, including the FBI, DHS, and CISA provide general guidance for academia and local governments to follow, they do not provide individually tailored vulnerability and risk assessments, interpretation of the findings, assistance to implement remediation strategies properly, or cybersecurity experienced experts to lead the way, but SecuredEDU does exactly that.

SecuredEDU leadership believes that a hands-off, guidance-only approach provides a false sense of security and massive potential for failure, which is why SecuredEDU was born.

SecuredEDU staff are experienced, formally educated, and certified in areas that are meaningful to your institution because we are laser-focused on cybersecurity

Our unique skill sets and experiences make our firm superior to others in every way. We have experiences and training unavailable to those without government clearance or who have not protected highly targeted environments, including financial institutions and critical infrastructure.

Additionally, SecuredEDU is proud to have staff members who have worked within EDU IT and educational content creation realms and those who have held board positions focused on security.

01 What are the differences between cybersecurity firms and IT firms?

While IT firms are essential to your infrastructure, they focus on "making things work" rather than making and keeping them secure. Cybersecurity is a specialized aspect of your infrastructure requiring specialized experts.

Cyber requires experienced specialists who understand the big picture of how IT works while ensuring the infrastructure is secure from the onset and remains secure throughout operations.

02 Our district's IT firm insists that they know cyber. Why should we question that?

Your in-house or outsourced IT provider may be experienced, and they may be cybersecurity aware.

Still, they are attempting to be "jacks of all trades," with the likelihood of undesirable outcomes in your environment
because they may not be experienced, certified, cybersecurity-focused professionals.

Unfortunately, you and your IT team may lack situational awareness without an experienced cybersecurity firm providing consultation, audit, and proper validation of your environment.

Entrusting a sole entity, specifically an IT company, with all the keys to your kingdom without a formal process review
and assessment significantly increases the risk of a breach.

03 So then, why SecuredEDU?

SecuredEDU has always believed in securing the educational environment and knew an enormous gap was being ignored by complacent IT shops and security firms that wanted nothing to do with EDU. Most still believe that servicing EDU is beneath them – a race to the bottom because it wasn’t worth their time. Their words, not ours.

SecuredEDU has been servicing the EDU space with a focus on security, while most IT shops were focusing on selling products and software that added little security value. We don't attempt to upsell or offer services you don't need.

We are not value-added resellers of products. Instead, we are vendor-agnostic. However, we will guide you in a direction we believe is in your best interests based on our experiences with vendors and technologies while considering budget and security for the present and the future.

We demand honest relationships and ensure customer satisfaction by consistently over-delivering.

At SecuredEDU, there is no smoke and mirrors and no F.U.D. - Fear, Uncertainty, and Doubt.

Staff Certifications

Not an all-inclusive list. Certifications may expire before removal from site.

Services

A Few Ways We Can Assist You In Your Journey to Secure The Future of Education
Additional Services available

Risk Assessment & Management using a risk-based approach for strategic resource allocation, hand-in-hand with Alignment of cyber strategies with business risks to mitigate vulnerabilities within budget limits.

Owner's Representative. Liaise with Stakeholders and Interested Parties, and manage projects where necessary. You are an educator and probably not a Technology "geek." We get that! We speak Exective languages as well as Technology languages, so please allow us to be there to represent you.

Full scope Vulnerability Assessments, Security Audits and Penetration Testing. There are differences, and too many IT shops refer to them all as PenTests when they are not. Each has a different scope and outcomes, and we know what you need and why.

Developing and implementing Security Strategies. Cyber, physical, and access control related security measures. We ensure that all the security measures operate in harmony with one another - by design from the beginning.

Incident Response Planning and Services. A quick and targeted response is important when an Incident kicks off. We are very experienced in this realm, but we can provide you with playbooks if you prefer to handle these events in-house.

Comprehensive Security Awareness Training for all staff members. Not just another canned training slide deck. We custom create and deliver targeted training that is relevant to what is happening in the world today and how it relates to EDU.

Policy and Compliance Management that is not simply a checkbox. We discover your blind spots and provide comprehensive guidance where government and regulatory bodies have fallen behind.

Technology Oversight and Advisory. Large spends against your IT budget require scrutiny. Does your environment require all new switches? Do they really need be top of the line enterprise switches, or is that what you are being told by your VAR? We'll assist you in these journeys.

Ready to Move Forward in Securing your EDU Environment?

Want to understand how we can assist you in your journey to secure your educational environment, but without all the boring technical jargon? Click the Booking button and grab some free time with us and get on a good path.

Our Founder

Michael C. Taylor

President and Principal Analyst

Mr. Taylor was previously employed by state and federal government agencies, including the U.S. Army, FBI, and the Pennsylvania State Police, where he led cybersecurity teams responsible for protecting classified information against terrorist cybersecurity events, as well as nation-state attackers. While serving in those capacities, he noticed that local government infrastructures and the educational sector were significantly understaffed, underfunded, and often lacked the proper cybersecurity experiences, and this became his focus.

Having worked and provided services in corporate, government, and academic communities, he and his team have proven themselves by delivering exceptional cybersecurity and physical security assessments, IT and cyber infrastructure design, and consulting services. SecuredEDU employs the same technologies, experiences, and holistic, proactive cybersecurity philosophies used to secure critical government and private sector assets - but emphasizing experience.

As one of the computer program steering committee members at a regional vocational school and cybersecurity instructor at a local college, Mr. Taylor began offering vital cybersecurity consultation and services to educational leaders. His strategies and vision are responsible for many positive changes throughout K-12 and Higher Education Institutions' cybersecurity postures and have provided a clear path forward.

Testimonials

What Other Have to Say

Pascale

Project Manager

In the realm of cybersecurity, where complexity and unforeseen obstacles are the norm, Michael's adeptness at problem-solving and his ability to navigate through challenges were invaluable.

Peter

Former CIO, SVC

I want someone who has the right education, years of experience, and skill sets that meet my specific needs, and I have found Mike Taylor to be that person... someone who is truly looking out for their client's best interest.

Steven

School Administrator

Mike is a complete leader, both technically and tactically advanced, demonstrating excellent judgment, problem-solving, and planning skills, and possesses a very natural ability to help others improve performance.

Frequently Asked Questions

We at SecuredEDU are transparent and want to answer your tough questions, but we also know that in-person conversations are best for establishing relationships.
Please contact us for more information and the next steps in that process.

What are the costs of SecuredEDU services?

Everyone responsible for budget asks this question, and rightfully so. However, it is nearly impossible to answer succinctly without prefacing it with, “It depends.” Costs are usually determined by the project's overall scope, including size and expected outcomes, and are generally detail-driven.

This process begins with a high-level scoping call where your needs and our solutions are aligned and overall expectations are agreed upon.

Like an automotive repair, we must understand your pain points and expectations. We engage you and your team in a detailed, partly technical, and administrative interview so everyone on your team can ask questions meaningful to their position and interests. We don’t expect everyone at the table to be a techie – or a mechanic.

Does SecuredEDU have experience servicing other clients in our industry and of similar size?

Absolutely, big and small! We have worked with educational institutions for many years, focusing primarily on cybersecurity while including physical security and access control because it should be considered a complete package.

While the majority of IT firms focused on creating the information highway and vehicles on the road, we focused on securing the highway and cars, which are often unsafe.

Too many IT vendors attempt to bolt on security appliances and applications after the fact or without a complete understanding of how it all comes together and the importance of each piece.

Continuing with the automotive analogy, we design, implement, monitor, and analyze the car's seatbelts, airbags, brakes, and locking mechanisms, and then we install guardrails, traffic lights, and the rules of the road to ensure your safety and security.

We were told that our IT budget includes cybersecurity, so we should be good – right?

No, but your environment is probably more secure than five or ten years ago. Still, every assessment has shown that the assessed environment was not nearly as safe as it should be according to today’s cybersecurity and physical standards.

One reason is that IT and cybersecurity budgets compete for the same funds. In other words, cybersecurity is often downplayed, and IT takes a majority of the allocated budget.

Every EDU environment we have assessed has revealed significant proven cybersecurity gaps. In each case, we have provided guidance that reduced quantifiable cyber risk by as much as 98%, with an average risk reduction between 80% and 89%.

We believe the solution to the budgeting issue is to provide cybersecurity with a unique line item within the budget that would prevent this competing interest.

We had a “penetration test” a couple of years ago and remediated our issues. Why would we need to do this again?

There are a lot of misleading “professionals” in the cybersecurity field, and this may be the topic at the top of the cyber misinformation pile.

It is an example of how you and your team can tell the difference between a firm that knows what they are speaking about versus those thinking they know – the latter are dangerous.

We offer three primary assessments in this realm, and we want to discuss the differences with you and your team and what is needed. If your vendor deliverable was a report consisting of pages of open Ports and IP addresses, and where the cost was several thousand dollars, they did not perform a “pentest.” – sorry.

We provide your team with detailed, meaningful deliverables resulting from many hours of specialized and experienced analysis specific to your environment – helpful both for administrative and technical teams – no mumbo-jumbo or speaking in technocratic circles.
We want to share an example with you and your team.

Most importantly, your environment changes regularly due to constant organic reconfigurations, and your assessment cadence should be aligned with those changes because you cannot protect what you don’t know.

The ONLY guarantee in cyber is that you will miss critical threats if you are not performing consistent assessments and monitoring.

What are the risks of not having professional cybersecurity services with SecuredEDU?

This is an excellent question that Board members and Administrators should be asking because the risks are increasing and compounding yearly.

As most are aware, insurance companies have been slowly demanding increased cybersecurity technologies and services, and SecuredEDU leadership has been on the leading edge of these conversations and negotiations in support of their clients.

The risk of not performing due diligence within your environment can be measured in dollars and reputation.

A 2021 report revealed that, on average, it costs education institutions $2.73 million to remediate the impact of a ransomware attack, including the cost of downtime, data recovery, device and network repairs, security updates, lost opportunity, and ransom payments. That was 48% higher than the global average across all sectors. We believe this has increased 25% to 40% in 2024, and will continue to increase.

SecuredEDU staff believes that the cost is higher than other sectors because EDU is typically outdated with its infrastructure and technologies, and attacks are occasionally a result of severely obsoleted technologies, with many being end-of-life (EOL).

Our assessments corroborate many of these reported findings, supports our claims of competing budgets, and why cybersecurity should be a unique budget line item.

Additionally, we know that many EDUs severely underreport their cyber breach costs, and some do not report at all, therefore skewing the overall statistics.

Insurance companies have been known to refuse or significantly reduce insurance coverage to their clients for failure to perform their due diligence. Where a cyber attack is successful, an insurer will send in their team to find discrepancies that may justify refusing or reducing payment.

We want to discuss how being your trusted partner before, during, and after these negotiations and incidents can reduce your overal risk, liability, and costs. Please consult with us before you decide to activate your cyber insurance policy.

Contact

We want to answer your questions, and assist you with your cybersecurity challenges before they become incidents

Book Time With SecuredEDU

Useful Links