No More Illusions: Dr. Zero Trust on Fighting K–12 Cyber Threats with Clarity and Courage
“This is the only battlefield where every government and every person is in the same space at the same time.”
— Dr. Chase Cunningham, aka Dr. Zero Trust
In an era where ransomware attacks on schools are making national headlines, one message comes through loud and clear in our latest episode of Vetted by Mark Vetter: You don’t need to be perfect — you need to be prepared.
In Episode 2, we sit down with Dr. Chase Cunningham, also known in cybersecurity circles as Dr. Zero Trust. With a background that spans the NSA, Forrester Research, and front-line cyber warfare strategy, Chase brings a rare blend of straight talk, field-tested insight, and pragmatic empathy to the world of K–12 cybersecurity.
Security is a Mindset — Not a Product
K–12 school districts today are high-value, soft targets. From outdated infrastructure to undertrained staff and sprawling third-party systems, the vulnerabilities are everywhere.
“Most school tech leaders aren’t equipped for this battlefield,” Chase says. “They’re great people — but we’re asking them to do a job that requires 20 years of security experience… on top of handing out Chromebooks.”
The traditional approach of “locking everything down” is no longer enough. As Chase explains, Zero Trust isn’t about perfection — it’s about accepting the inevitability of breaches and designing layered defenses to minimize damage.
“You will get breached. That’s not a failure — that’s reality.”
The Contested Space: Where Kids, Admins, and Chaos Collide
Dr. Cunningham introduces a powerful military concept to the edtech world: contested space — areas of your digital environment where total control is impossible.
In schools, contested space means students clicking on suspicious links, misconfigured Chromebooks, undersecured HVAC systems, and even medical devices (like insulin pumps) now connected to school Wi-Fi.
“You don’t need a degree in cybersecurity,” he says, “but you do need to be honest about the risks and start controlling what you can.”
His recommendation? Embrace cloud-based tools, keep students on lightweight devices like Chromebooks, and use policy engines to tightly manage access. And if that’s over your head? Get help.
TikTok and DeepSeek: Propaganda in Your Pocket
One of the most urgent parts of the conversation centers around the apps students are using every day — particularly TikTok and DeepSeek.
Chase doesn’t mince words:
“TikTok is an influence engine. It’s a propaganda machine. And it’s not helping your children.”
He urges school districts to block these apps at the network level and to educate families about the long-term cognitive and security risks of foreign-owned social platforms.
If You’re Not Ready, Get Help — Now
The good news? You don’t have to do this alone. Dr. Cunningham encourages districts to:
- Partner with MSSPs or MSPs to monitor networks and build strategy
- Leverage free guidance from companies like Microsoft and Google on Zero Trust
- Utilize AI tools (carefully) like ChatGPT for policy support and code breakdowns
- Communicate clearly with leadership so no one is left holding the bag when things go wrong
“If you’re using AI tools, get written approval. Don’t carry the risk alone.”
Cybersecurity Is Not Optional Anymore
Security isn’t a feature — it’s a foundation. With schools increasingly online, the risks are multiplying — but so are the solutions.
“It’s not fair to ask tech directors to be CISOs, coders, and compliance officers.
But it’s even more dangerous to pretend someone else will take care of it.”
So whether you’re in a rural district with a single IT person or a larger system with a full tech team, the path forward starts with owning the challenge — and asking for help when needed.
🧠 Listen to the full episode:
Vetted by Mark Vetter: Episode 2 – Dr. Chase Cunningham (Dr. Zero Trust)
[Find it on Spotify, Apple, or MicroK12.com]