In the fall of 2021, the Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) reported an expected 86 percent increase in cybersecurity incidents targeting K-12 school systems over the course of one year. Public and private schools provide a broad surface area for exploitation and are often the target of malicious hackers looking for financial gain or to steal the sensitive personal data of teachers and students.
Countering these ransomware attacks with proper cyber hygiene practices can be especially difficult if there is little or no room in the IT budget, or if curriculum leaders lack involvement in the effort to enhance cybersecurity.
As a result, there are a few helpful benchmarks that can assist IT administrators in their ever-evolving quest to bolster cybersecurity measures and limit schools’ exposure to pervasive attacks.
Beef Up Cybersec Skillsets
Ransomware has hit the education sector hard. Schools with lackluster protections make cybercriminals salivate. They also suffer incredible losses when both finances and instruction times are interrupted, as schools often must shut down completely to restore frozen data. And it’s all taking place while communities are also demanding even more visibility into the data schools have on their children, their schoolwork, their families, their records, etc. As a result, school administrators in charge of K-12 cybersecurity deal with myriad challenges while navigating how to best secure the sensitive data of both students and staff.
Attacks on unprepared systems often come down to a lack of detection and accidental data leaks due to improper storage of documents on school-provided cloud drives. In an ever-changing world, the internal and external portfolio of aggregate skill sets provided by IT talent must evolve over time. Continuing to evaluate where these gaps are on an annual basis provides systems with the balances needed between agility and financial efficiency. By being proactive regarding the auditing of vendors and managing the access and permissions of learning management apps used in schools, administrators can create a more robust security posture for their school.
Cultivate a Security-Centric Culture
Creating security benchmarks for K-12 requires a willingness to act and promote a culture that takes cyberthreats seriously from the top down. Building a frictionless experience is a paradox and the world of education provides a variety of constituencies that range from small children to highschoolers and teachers who bring a range of different needs and areas of protection to the table.