Zero Breach Zone

Andy Lombardo & Phil Hintz

Welcome to the "Zero Breach Zone," where we delve into the vital mission of fortifying K-12 schools against breaches and phishing threats. Hosts Andy Lombardo and Phil Hintz lead insightful conversations with top experts in cybersecurity, education, and technology, uncovering strategies to protect our schools. From breaking down the latest digital threats to sharing actionable security measures, this podcast empowers educators, administrators, and parents with the tools they need to safeguard students and staff in today’s connected world.

  1. Cybercrime at Machine Speed: Are Schools Ready? (Re-Air)

    23 июн.

    Cybercrime at Machine Speed: Are Schools Ready? (Re-Air)

    Welcome to Season 2 Episode 2 of the Zero Breach Zone podcast, where hosts Phil Hintz and Andy Lombardo break down emerging cybersecurity threats and what they mean for K-12 schools in 2026. Drawing from recent industry predictions, they explore how cybercrime is becoming more industrialized—powered by AI, automation, and speed. Andy shares real-world examples of how quickly attackers identify and target new staff, sometimes within days, and how campaigns are expanding beyond employees to include parents and community members. The conversation dives into modern attack techniques like token theft, AI-driven reconnaissance, and ransomware-as-a-service, highlighting how attackers are operating more like businesses than ever before. Phil and Andy also discuss the growing importance of identity as the new security perimeter, reinforcing the need for MFA, zero trust strategies, and strong onboarding and offboarding processes. They wrap up with a look at EdTech trends, including shifting perspectives on student device usage, and this week's Parting Tool shared by Andy shows how to turn Google Slides into AI-narrated videos for quick and effective content delivery. Key Takeaways: Cybercrime is evolving into a fast, AI-driven industryAttack timelines are shrinking dramaticallyNew staff and even community members are becoming targetsToken theft and automated attacks are on the riseIdentity and MFA are central to modern defenseZero trust and lifecycle management are criticalRansomware-as-a-service continues to growParting Tool:Use Google Slides’ “Convert to Video” feature to create AI-narrated presentations for training and classroom content. Resources Mentioned:Fortinet 2026 Cyber Threat Predictions (White Paper) Chapters:00:00 Introduction and 2026 Cyber Threat Predictions03:15 The Acceleration of Cyber Attacks06:40 Real-World Phishing Examples10:05 Token Theft and AI Threats14:20 Ransomware and Cybercrime Evolution18:10 Identity and Zero Trust22:30 EdTech Trends and Tool of the Day

    28 мин.
  2. The ‘Hi, How Are You?’ Scam & Smarter Cyber Threats in 2026 (Re-Air)

    9 июн.

    The ‘Hi, How Are You?’ Scam & Smarter Cyber Threats in 2026 (Re-Air)

    Episode Description:Welcome to Season 2, Episode 1 of the Zero Breach Zone podcast. Phil Hintz and Andy Lombardo dive into the latest cybersecurity threats facing K-12 schools. They break down the rise of scam tactics like the “Hi, how are you?” texts and long-term “pig butchering” schemes, highlighting how attackers are shifting beyond email into more personal and trusted channels. The hosts share real-world examples and explain why even small interactions with scammers can increase risk. The conversation also focuses on a growing concern, student cybersecurity. From compromised student accounts to new training initiatives, Phil and Andy emphasize the importance of building safe habits early to protect school environments. Phil also shares a fun and inspiring story about students breaking a Guinness World Record by building the world’s largest Pong game, showcasing how coding and innovation are shaping the next generation of cybersecurity talent. The episode wraps with insights on evolving threats, student MFA challenges, and practical ways schools can stay ahead. Key Takeaways: Text-based scams are rapidly increasing and highly effective“Pig butchering” scams rely on long-term trust and manipulationEngaging with scammers can make you a bigger targetCyber threats are expanding beyond email into trusted platformsStudent accounts are a growing risk and need proper trainingEarly cybersecurity education is criticalMFA for students requires balancing security and usabilityChapters:00:00 Season 2 Kickoff and Reflections01:30 New Year, New Cyber Threat Landscape02:30 The Rise of “Hi, How Are You?” Scam Texts04:30 Understanding Pig Butchering Scams06:30 Real-World Scam Examples and Family Stories08:30 Why You Should Not Engage with Scammers10:00 Expanding Threats Beyond Email11:30 Scareware and Social Engineering Tactics13:00 Student Cybersecurity Risks14:30 CyberNut Student Training Overview16:30 Building Safe Habits for Students17:45 MFA Challenges and Student Access18:45 Real Incident: Google Doc Attack19:45 Looking Ahead to 2026 Threats20:30 Closing Thoughts and Wrap-Up

    21 мин.
  3. 26 мая

    Hacking With Permission: K-12 Pen Testing with Zelvin Security

    Welcome to Season 2 Episode 5 of the Zero Breach Zone, where hosts Phil Hintz and Andy Lombardo sit down with the people on the front lines of K-12 cybersecurity. This week they're joined by Brian Parton, penetration tester and security expert at Zelvin Security. Brian pulls back the curtain on what a real pen test looks like inside a school district, what attackers are actually looking for, why your printer might be your biggest vulnerability, and how knowing where your defenses fail is one of the smartest investments a district can make. Recorded during Teacher Appreciation Week, Phil and Andy take a moment to recognize the educators who make every other profession possible, including the cybersecurity pros keeping school networks safe. Key Takeaways: Penetration testing is active, intentional, and noisy. The goal is to find every exploitable vulnerability across every layer of defense so you know everywhere you're exposed, not just where you didn't get caughtRed teaming is different. It's quieter and more covert, designed to simulate a real attacker who's trying not to be detectedAutomated pen testing tools beat a basic vulnerability scan, but only a human tester can adapt, troubleshoot, and exploit the edge cases that tools miss. A false sense of security is worse than no test at allPrinters are a massively underestimated attack surface. Once configured for scanning and email, they often hold credentials that can unlock privilege escalation across your entire networkSeparating admin accounts from everyday user accounts is one of the highest-impact, lowest-cost moves a district can makePen testing validates your existing tool spend and increasingly checks a box on cyber insurance applicationsParting Tip: Visit zelvin.com/K-12-resources for free tools including a pen test ROI guide, a purple teaming explainer, and a password entropy checker. Aim for a base entropy score over 100Resources Mentioned: Zelvin Security — zelvin.comDEFCON Groups — find your local chapter (search "DC" + your area code)OWASP — find your local chapter for web security community and networking

    31 мин.
  4. 28 апр.

    Building a Culture Around Cybersecurity with Andrew Marcinek

    Welcome to Season 2 Episode 3 of the Zero Breach Zone, where hosts Phil Hintz and Andy Lombardo sit down with leaders shaping the future of technology and security in K-12 education. This week they're joined by Andrew Marcinek: father, author, education veteran and CTO, to dig into why building a culture around cybersecurity is the most important thing schools can do right now. Andrew shares his journey from classroom teacher to technology leader and makes a powerful case that digital safety isn't an IT issue — it's a people issue. The conversation tackles the ongoing debate around cell phone policy and screen time, with Andrew arguing that banning devices misses the point. Students need to learn to navigate technology the same way they learn to drive — with proper education and guardrails, not just restrictions. That thinking underpins his work in digital health and wellness and his widely praised book, *Teaching Digital Kindness*, which has become a go-to resource for educators looking to build empathy and accountability in digital spaces. They also explore how AI is transforming school communications and operations, and close out with a look at vibe coding — where students use AI tools to build and publish real websites with little to no traditional coding experience. Key Takeaways: Cybersecurity in schools requires a culture, not just a toolStudents need digital literacy the way they need driver's ed — preparation, not prohibitionDigital health and wellness belongs in the classroom conversation'Teaching Digital Kindness' is essential reading for any educator navigating today's tech landscape along with Andrew's upcoming book (working title) 'Untangled' AI is streamlining how schools communicate and operateVibe coding is opening up real creative and technical opportunities for studentsParting Tool: Try vibe coding with Claude Code or Lovable — two AI-powered tools that let students (and educators) build real websites and apps with minimal coding experience. Resources Mentioned: Teaching Digital Kindness by Andrew MarcinekThink Forward Solutions School Amplified AI

    38 мин.
  5. 14 апр.

    Cybercrime at Machine Speed: Are Schools Ready?

    Welcome to Season 2 Episode 2 of the Zero Breach Zone podcast, where hosts Phil Hintz and Andy Lombardo break down emerging cybersecurity threats and what they mean for K-12 schools in 2026. Drawing from recent industry predictions, they explore how cybercrime is becoming more industrialized—powered by AI, automation, and speed. Andy shares real-world examples of how quickly attackers identify and target new staff, sometimes within days, and how campaigns are expanding beyond employees to include parents and community members. The conversation dives into modern attack techniques like token theft, AI-driven reconnaissance, and ransomware-as-a-service, highlighting how attackers are operating more like businesses than ever before. Phil and Andy also discuss the growing importance of identity as the new security perimeter, reinforcing the need for MFA, zero trust strategies, and strong onboarding and offboarding processes. They wrap up with a look at EdTech trends, including shifting perspectives on student device usage, and this week's Parting Tool shared by Andy shows how to turn Google Slides into AI-narrated videos for quick and effective content delivery. Key Takeaways: Cybercrime is evolving into a fast, AI-driven industryAttack timelines are shrinking dramaticallyNew staff and even community members are becoming targetsToken theft and automated attacks are on the riseIdentity and MFA are central to modern defenseZero trust and lifecycle management are criticalRansomware-as-a-service continues to growParting Tool:Use Google Slides’ “Convert to Video” feature to create AI-narrated presentations for training and classroom content. Resources Mentioned:Fortinet 2026 Cyber Threat Predictions (White Paper) Chapters:00:00 Introduction and 2026 Cyber Threat Predictions03:15 The Acceleration of Cyber Attacks06:40 Real-World Phishing Examples10:05 Token Theft and AI Threats14:20 Ransomware and Cybercrime Evolution18:10 Identity and Zero Trust22:30 EdTech Trends and Tool of the Day

    28 мин.
  6. 31 мар.

    Season 2 Kickoff: The ‘Hi, How Are You?’ Scam & Smarter Cyber Threats in 2026

    Episode Description:Welcome to Season 2, Episode 1 of the Zero Breach Zone podcast. Phil Hintz and Andy Lombardo dive into the latest cybersecurity threats facing K-12 schools. They break down the rise of scam tactics like the “Hi, how are you?” texts and long-term “pig butchering” schemes, highlighting how attackers are shifting beyond email into more personal and trusted channels. The hosts share real-world examples and explain why even small interactions with scammers can increase risk. The conversation also focuses on a growing concern, student cybersecurity. From compromised student accounts to new training initiatives, Phil and Andy emphasize the importance of building safe habits early to protect school environments. Phil also shares a fun and inspiring story about students breaking a Guinness World Record by building the world’s largest Pong game, showcasing how coding and innovation are shaping the next generation of cybersecurity talent. The episode wraps with insights on evolving threats, student MFA challenges, and practical ways schools can stay ahead. Key Takeaways: Text-based scams are rapidly increasing and highly effective“Pig butchering” scams rely on long-term trust and manipulationEngaging with scammers can make you a bigger targetCyber threats are expanding beyond email into trusted platformsStudent accounts are a growing risk and need proper trainingEarly cybersecurity education is criticalMFA for students requires balancing security and usabilityChapters:00:00 Season 2 Kickoff and Reflections01:30 New Year, New Cyber Threat Landscape02:30 The Rise of “Hi, How Are You?” Scam Texts04:30 Understanding Pig Butchering Scams06:30 Real-World Scam Examples and Family Stories08:30 Why You Should Not Engage with Scammers10:00 Expanding Threats Beyond Email11:30 Scareware and Social Engineering Tactics13:00 Student Cybersecurity Risks14:30 CyberNut Student Training Overview16:30 Building Safe Habits for Students17:45 MFA Challenges and Student Access18:45 Real Incident: Google Doc Attack19:45 Looking Ahead to 2026 Threats20:30 Closing Thoughts and Wrap-Up

    21 мин.
  7. Knowing Is Half the Battle... The Other Half Is Cybersecurity Funding for Schools (Re-Air)

    02.12.2025

    Knowing Is Half the Battle... The Other Half Is Cybersecurity Funding for Schools (Re-Air)

    Welcome to episode 15 of the Zero Breach Zone podcast, where hosts Phil Hintz and Andy Lombardo discuss their experiences at recent conferences, focusing on cybersecurity strategies in K-12 education. They explore the importance of multi-factor authentication (MFA), the challenges of session timeouts, and the need for continuous improvement in cybersecurity practices. The conversation also highlights the significance of tabletop exercises for incident response and the convergence of physical and cybersecurity measures in schools. The hosts share insights on integrating technology for safety and the necessity of collaboration among various stakeholders. In this conversation, Andy Lombardo and Phil Hintz discuss various aspects of school security, including the importance of enhancing physical security measures, leveraging CISA for audits, and the role of AI in education. They emphasize the need for collaboration and networking within the EdTech community, as well as advocating for increased cybersecurity funding to protect K-12 institutions. The discussion ends with highlighting the significance of engaging with Congress to address these pressing issues and the helpful resources prepared by CoSN to do so. Key Takeaways: MFA is essential but requires ongoing adjustments & MFA should extend to social media accountsSession timeouts can pose risks if not managed properlyTabletop exercises help prepare for incidentsConvergence of physical and cyber security is crucialStakeholder collaboration is key in incident responseContinuous learning from conferences is invaluableK-12 cybersecurity threats are rising and we need your voiceCybersecurity is a bipartisan issue with real-world consequencesParting Tool: Help your district to become a Zero Breach Zone -Urge Congress to Protect and Invest in Cybersecurity Support for Schools-  through the CoSN prepared resources:https://cosn.quorum.us/campaign/115693/ Resources Mentioned  Evil Jinx: https://github.com/kgretzky/evilginx2Chapters 00:00 Spring Reflections and Conference Recap 03:08 Cybersecurity Strategies and MFA Insights 06:01 Real-World Cybersecurity Challenges 09:06 Tabletop Exercises and Incident Response 12:00 Convergence of Physical and Cybersecurity 14:57 Integrating Technology for Safety 19:12 Enhancing School Security Measures 20:50 Leveraging CISA for Security Audits 22:34 Insights from K-12 Conferences 23:32 AI in Education: Opportunities and Challenges 26:33 Networking and Collaboration in EdTech 31:46 Advocating for Cybersecurity Funding 39:21 Call to Action: Engage with Congress

    37 мин.

Оценки и отзывы

5
из 5
Оценок: 2

Об этом подкасте

Welcome to the "Zero Breach Zone," where we delve into the vital mission of fortifying K-12 schools against breaches and phishing threats. Hosts Andy Lombardo and Phil Hintz lead insightful conversations with top experts in cybersecurity, education, and technology, uncovering strategies to protect our schools. From breaking down the latest digital threats to sharing actionable security measures, this podcast empowers educators, administrators, and parents with the tools they need to safeguard students and staff in today’s connected world.