April Mardock has always been up to the task of leading the charge in securing industries with limited resources that rely heavily on outdated tech and have a vast threat landscape. That's why she chose positions enabling her to make an impact by finding her purpose in the nonprofit and education field.
“I realized nonprofits really don't have the skillset to do what needs to be done here,” said Mardock. “They don't have the skill sets to properly configure their firewalls, phishing, to set up the machines for reliable updates. And it’s just a few basics.”
“That’s really where my passion comes from: small businesses and nonprofits, and in particular, schools as a second,” she continued. “They’re in the same boat. They may be larger [organizations], but they don't have the resources. They need something that's easy, inexpensive, and straightforward.”
Starting out as a senior consultant, Mardock balanced small office support for 132 different companies over nine years before sticking with educational sector leadership positions, including the City University of Seattle, Puget Sound Educational Sector, and her longest and current position: chief information security officer for Seattle Public Schools.
Click here for full coverage of the SC Media 2021 Women in IT Security
Her passion drove her to “desperately look for ways to accomplish this, which Mardock found through open-source tools and creating what she called “birds of a feather sessions,” where school systems could share information with each other on how to do certain tasks, and even to help other citizens.
The initiatives and skills-sharing allowed everyone to “level up by sharing the armor and figuring out the best way to get the job done for a low cost: through volunteering time and helping each entity with how school districts need to handle security across their schools.
Mardock’s mission was put to the test when the COVID-19 pandemic hit last year and school systems were suddenly taken online. But when there are serious income disparities across the districts, the task then became figuring out how to connect people and share information in a way that everyone has equal access.
“You wouldn’t think this of Seattle, it being tech heavy, but we only had about 6,000 1-to-1 devices out for 53,000 kids before the pandemic,” said Mardock. When the national emergency was announced, her team had to “rush to give every kid a device, whether they were elementary school, middle school or high school, so they could participate in class.”
Another challenge was that 2,300 of the district’s children were homeless, and that meant they didn’t have reliable internet. When everything is online, how could these children go to class when libraries and McDonalds are closed, and there’s nowhere to get free internet like you could before the outbreak.
So Mardock’s team stepped up and deployed 5,000 hotspots across the district to support children in need.
“We had to make sure every kid had a device, and we got the internet to as many as we could,” said Mardock. “You'll hear Comcast saying, ‘you know, we provided $10 a month for cheap, broadband internet. But it was three Mbs: you can't even do two video conferences on three megabits. So any family with two kids was screwed.”
“The same problem happened with a hotspot, which had limited data as well,” she added. Families with more than one child were really unable to do video classes, which was another equity issue.
The pandemic also brought with it a shift from traditional bullying to online harassment. The normal problems that would typically play out on a playground were happening online. To tackle this, Mardock simply moved to enabling the chat function in video classrooms, which gave them the much needed visibility into cyberbullying and other inappropriate behavior.
The last year also furthered her mission to share her knowledge around security needs with others in the education field. She’s on the board of a grassroots security community supporting local educational districts called OpsecEdu. The group hosted “bring your hacker to school day,” where cybersecurity professionals present to primary and secondary schools.
Mardock also leads regional and national groups focused on providing much needed step-by-step guidance for organizations that need help in securing the network because “that’s the part sometimes missing in this space: we forget about the strategic adoption, the process of making sure that you involve the stakeholders before you do something.”
By creating these guidelines, with the help of the K12 SIX working group, Mardock “essentially has a platform for distributing wisdom in that kind of context.”
