Superior Security Solutions For Your Learning Institution
We are a team of talented cybersecurity professionals Securing The Future of Education.
Our History and Story
SecuredEDU is a premier veteran-owned and operated information security firm providing
cybersecurity-focused
services since 2005.
The SecuredEDU firm began primarily out of necessity as a computer forensics firm at the birth of the
professional
criminal hacker era. SecuredEDU leadership noted the unreported and often unnoticed intrusions into our
country's
educational sector. Additionally, it had been shown that the academic sector was grossly underserviced and
left to
fend for itself, often due to traditional IT companies' inability to address their cybersecurity needs
adequately.
SecuredEDU's leadership knows that though government agencies, including the FBI, DHS, and CISA provide
general guidance for academia and local governments to follow, they do not provide individually tailored
vulnerability and risk assessments, interpretation of the findings, assistance to implement remediation
strategies properly, or cybersecurity experienced experts to lead the way, but SecuredEDU does exactly
that.
SecuredEDU leadership believes that a hands-off, guidance-only approach provides a false sense of security
and
massive potential for failure, which is why SecuredEDU was born.
SecuredEDU staff are experienced, formally educated, and certified in areas that are meaningful to your institution because we are laser-focused on cybersecurity
Our unique skill sets and experiences make our firm superior to others in every way. We have experiences
and training unavailable to those without government clearance or who have not protected highly targeted
environments, including financial institutions and critical infrastructure.
Additionally, SecuredEDU is proud to have staff members who have worked within EDU IT and educational
content creation realms and those who have held board positions focused on security.
01 What are the differences between cybersecurity firms and IT firms?
While IT firms are essential to your infrastructure, they focus on "making things work"
rather than making and keeping them secure. Cybersecurity is a specialized aspect of
your infrastructure requiring specialized experts.
Cyber requires experienced specialists who understand the big picture of how IT works
while ensuring the infrastructure is secure from the onset and remains secure throughout operations.
02 Our district's IT firm insists that they know cyber. Why should we question that?
Your in-house or outsourced IT provider may be experienced, and they may be cybersecurity
aware.
Still, they are attempting to be "jacks of all trades," with the likelihood of undesirable outcomes
in your environment
because they may not be experienced, certified, cybersecurity-focused professionals.
Unfortunately, you and your IT team may lack situational awareness without an experienced
cybersecurity firm providing
consultation, audit, and proper validation of your environment.
Entrusting a sole entity, specifically an IT company, with all the keys to your kingdom without a
formal process review
and assessment significantly increases the risk of a breach.
03 So then, why SecuredEDU?
SecuredEDU has always believed in securing the educational environment and knew an enormous gap was
being ignored by complacent IT shops and security firms that wanted nothing to do with EDU. Most
still
believe that servicing EDU is beneath them – a race to the bottom because it wasn’t worth their
time.
Their words, not ours.
SecuredEDU has been servicing the EDU space with a focus on security, while most IT shops were
focusing
on selling products and software that added little security value. We don't attempt to upsell or
offer
services you don't need.
We are not value-added resellers of products. Instead, we are vendor-agnostic. However, we will
guide
you in a direction we believe is in your best interests based on our experiences with vendors and
technologies while considering budget and security for the present and the future.
We demand honest relationships and ensure customer satisfaction by consistently
over-delivering.
At SecuredEDU, there is no smoke and mirrors and no F.U.D. - Fear, Uncertainty, and Doubt.
Staff Certifications
Not an all-inclusive list. Certifications may expire before removal from site.
Services
A Few Ways We Can Assist You In Your Journey to Secure The Future of Education
Additional Services available
Risk Assessment & Management using a risk-based approach for strategic resource allocation, hand-in-hand with Alignment of cyber strategies with business risks to mitigate vulnerabilities within budget limits.
Owner's Representative. Liaise with Stakeholders and Interested Parties, and manage projects where necessary. You are an educator and probably not a Technology "geek." We get that! We speak Exective languages as well as Technology languages, so please allow us to be there to represent you.
Full scope Vulnerability Assessments, Security Audits and Penetration Testing. There are differences, and too many IT shops refer to them all as PenTests when they are not. Each has a different scope and outcomes, and we know what you need and why.
Developing and implementing Security Strategies. Cyber, physical, and access control related security measures. We ensure that all the security measures operate in harmony with one another - by design from the beginning.
Incident Response Planning and Services. A quick and targeted response is important when an Incident kicks off. We are very experienced in this realm, but we can provide you with playbooks if you prefer to handle these events in-house.
Comprehensive Security Awareness Training for all staff members. Not just another canned training slide deck. We custom create and deliver targeted training that is relevant to what is happening in the world today and how it relates to EDU.
Policy and Compliance Management that is not simply a checkbox. We discover your blind spots and provide comprehensive guidance where government and regulatory bodies have fallen behind.
Technology Oversight and Advisory. Large spends against your IT budget require scrutiny. Does your environment require all new switches? Do they really need be top of the line enterprise switches, or is that what you are being told by your VAR? We'll assist you in these journeys.
Ready to Move Forward in Securing your EDU Environment?
Want to understand how we can assist you in your journey to secure your educational environment, but without all the boring technical jargon? Click the Booking button and grab some free time with us and get on a good path.
Our Founder
Michael C. Taylor
President and Principal AnalystMr. Taylor was previously employed by state and federal government agencies, including the U.S.
Army, FBI, and the Pennsylvania State Police, where he led cybersecurity teams responsible for
protecting classified information against terrorist cybersecurity events, as well as nation-state
attackers. While serving in those capacities, he noticed that local government infrastructures and
the educational sector were significantly understaffed, underfunded, and often lacked the proper
cybersecurity experiences, and this became his focus.
Having worked and provided services in corporate, government, and academic communities, he and his
team have proven themselves by delivering exceptional cybersecurity and physical security
assessments, IT and cyber infrastructure design, and consulting services. SecuredEDU employs the
same technologies, experiences, and holistic, proactive cybersecurity philosophies used to secure
critical government and private sector assets - but emphasizing experience.
As one of the computer program steering committee members at a regional vocational school and
cybersecurity instructor at a local college, Mr. Taylor began offering vital cybersecurity
consultation and services to educational leaders. His strategies and vision are responsible for many
positive changes throughout K-12 and Higher Education Institutions' cybersecurity postures and have
provided a clear path forward.
Testimonials
What Other Have to Say
Frequently Asked Questions
We at SecuredEDU are transparent and want to answer your tough questions, but we also know that
in-person conversations are best for establishing relationships.
Please contact us for more information and the next steps in that process.
What are the costs of SecuredEDU services?
Everyone responsible for budget asks this question, and rightfully so. However, it is nearly
impossible
to answer succinctly without prefacing it with, “It depends.” Costs are usually determined by the
project's overall scope, including size and expected outcomes, and are generally
detail-driven.
This process begins with a high-level scoping call where your needs and our solutions are aligned
and overall
expectations are agreed upon.
Like an automotive repair, we must understand your pain points and expectations. We engage you and
your team
in a detailed, partly technical, and administrative interview so everyone on your team can ask
questions
meaningful to their position and interests. We don’t expect everyone at the table to be a techie –
or a mechanic.
Does SecuredEDU have experience servicing other clients in our industry and of similar size?
Absolutely, big and small! We have worked with educational institutions for many years, focusing
primarily on
cybersecurity while including physical security and access control because it should be considered a
complete package.
While the majority of IT firms focused on creating the information highway and vehicles on the road,
we focused
on securing the highway and cars, which are often unsafe.
Too many IT vendors attempt to bolt on security appliances and applications after the fact or
without a complete
understanding of how it all comes together and the importance of each piece.
Continuing with the automotive analogy, we design, implement, monitor, and analyze the car's
seatbelts, airbags,
brakes, and locking mechanisms, and then we install guardrails, traffic lights, and the rules of the
road to
ensure your safety and security.
We were told that our IT budget includes cybersecurity, so we should be good – right?
No, but your environment is probably more secure than five or ten years ago. Still, every
assessment
has shown that
the assessed environment was not nearly as safe as it should be according to today’s cybersecurity
and physical standards.
One reason is that IT and cybersecurity budgets compete for the same funds. In other words,
cybersecurity is
often downplayed, and IT takes a majority of the allocated budget.
Every EDU environment we have assessed has revealed significant proven cybersecurity
gaps. In
each case, we have provided guidance that reduced quantifiable cyber risk by as much as 98%, with
an average
risk reduction between 80% and 89%.
We believe the solution to the budgeting issue is to provide cybersecurity with a unique line item
within the budget that would prevent this competing interest.
We had a “penetration test” a couple of years ago and remediated our issues. Why would we need to do this again?
There are a lot of misleading “professionals” in the cybersecurity field, and this may be the
topic at the top of the cyber misinformation pile.
It is an example of how you and your team can tell the difference between a firm that knows what
they are speaking about versus those thinking they know – the latter are dangerous.
We offer three primary assessments in this realm, and we want to discuss the differences with you
and your team and what is needed. If your vendor deliverable was a report consisting of pages of
open Ports and IP addresses, and
where the cost was several thousand dollars, they did not perform a “pentest.” – sorry.
We provide your team with detailed, meaningful deliverables resulting from many hours of specialized
and experienced analysis specific to your environment – helpful both for administrative and
technical teams – no
mumbo-jumbo or speaking in technocratic circles.
We want to share an example with you and your team.
Most importantly, your environment changes regularly due to constant organic reconfigurations, and
your assessment cadence should be aligned with those changes because you cannot protect what you
don’t know.
The ONLY guarantee in cyber is that you will miss critical threats if you are not performing
consistent
assessments and monitoring.
What are the risks of not having professional cybersecurity services with SecuredEDU?
This is an excellent question that Board members and Administrators should be asking because the
risks are increasing
and compounding yearly.
As most are aware, insurance companies have been slowly demanding increased cybersecurity
technologies and services, and
SecuredEDU leadership has been on the leading edge of these conversations and negotiations in
support of their clients.
The risk of not performing due diligence within your environment can be measured in dollars and
reputation.
A 2021 report revealed that, on average, it costs education institutions $2.73 million to
remediate the impact of
a ransomware attack, including the cost of downtime, data recovery, device and network repairs,
security updates, lost
opportunity, and ransom payments. That was 48% higher than the global average across all sectors.
We believe this has
increased 25% to 40% in 2024, and will continue to increase.
SecuredEDU staff believes that the cost is higher than other sectors because EDU is typically
outdated with its infrastructure
and technologies, and attacks are occasionally a result of severely obsoleted technologies, with
many being end-of-life (EOL).
Our assessments corroborate many of these reported findings, supports our claims of competing
budgets, and why
cybersecurity should be a unique budget line item.
Additionally, we know that many EDUs severely underreport their cyber breach costs, and some do not
report at
all, therefore skewing
the overall statistics.
Insurance companies have been known to refuse or significantly reduce insurance coverage to their
clients for failure to
perform their due diligence. Where a cyber attack is successful, an insurer will send in their team
to find discrepancies
that may justify refusing or reducing payment.
We want to discuss how being your trusted partner before, during, and after these negotiations and
incidents can reduce your
overal risk, liability, and costs.
Please consult with us before you decide to activate your cyber insurance policy.
Contact
We want to answer your questions, and assist you with your cybersecurity challenges before they become incidents
Book Time With SecuredEDU