Like all other sectors, the pandemic expedited digital transformation in education. School districts and universities around the globe found themselves making years’ worth of changes rapidly, as the coronavirus shutdown resulted in a mad dash to a new, fully remote “normal.” As schools continue to make sense of distance learning strategies, it is imperative that they factor long-term cybersecurity considerations into their plans.
Each day since the pandemic began, educators and administrators are forced to confront systems that have seen an overwhelming and tremendous surge in usage. The process of implementing new e-learning technologies at scale created significant gaps in security. In fact, according to one report, “the average number of weekly attacks per organization in the academic sector increased by 30 percent July through August of 2019.”
Given the number of individuals involved in, and affected by, the education system, the idea of “move fast break things” may leave those who lack a proper cybersecurity infrastructure at a particularly high risk from cyber threats. Prioritizing cybersecurity in education has never been more pertinent.
Here are some key cybersecurity philosophies and tips to keep in mind while distance learning remains in place across the country.
It’s not a matter of if – but when.
There’s a saying in the cybersecurity community: it’s not a matter of if a bad actor will strike, but when. We’ve already seen an uptick in bad actors actively targeting school districts and the remote student population. The effects of these attacks have ranged from “Zoom Bombing,” exploiting collaboration solutions to bombard virtual meetings, and shutting down internal networks – effectively rendering internal communications useless.
Like any entity victimized by a cybersecurity attack, once a school system has been breached, it’s hard to predict what bad actors will do next. That’s why it’s imperative that educators prioritize not only keeping bad actors out, but also assessing how to mitigate the damage once attackers break in.
Understanding your threat vectors.
To understand your cybersecurity posture, you have to understand your threat landscape. Threats can be broken down into two major categories: outsider and insider threats. Outsider threats can be categorized as originating from outside of an organization or entity. For example, any actor outside of a school system’s purview could be considered an outsider threat. On the other hand, insider threats are those who have access to an internal system, like those who are classified as administrators, educators, or even students.
Not all ‘insiders’ are good, and some may be unwittingly bad. In many instances, the risks posed by insiders or outsiders are essentially the same. In fact, Forrester predicts that, in 2021, we’ll see an uptick in insider threats by 300 percent — meaning that, this year, thousands of employees, students, and employers who are classified as ‘insiders’ in an internal school system will be putting their organization or ecosystem at risk, either unknowingly or deliberately. That’s why it’s critically important to prioritize cybersecurity. Schools need to get their cybersecurity right every single time. Bad actors just need to get it right once to break in and break through.
But the good news is threats, whether outside or inside, can be mitigated, and it starts with limiting access by default. In the security industry, we refer to this concept as Zero Trust – and the good news is getting started with Zero Trust is easier than you may think.
Learning how Zero Trust can help you.
Think of Zero Trust this way: Zero Trust is the digital equivalent of the ‘closed campus’ model. All individuals must check in at the school office in order to be permitted on school grounds. People are automatically denied entry to the school unless explicitly allowed. No one can leave or enter school property unless they are granted entry – you deny access by default. It’s the same idea for cybersecurity. You only give people access to the systems, applications, and data that they absolutely need to do their job or get their education.
So how can schools get started with a Zero Trust model? The first step is to know your assets. Schools need to thoroughly inventory the data and infrastructure they need to keep operations running and clearly outline who has access to the resources teachers need to successfully educate remotely.
For example, there are cybersecurity technologies that can help you build a map to visualize your environment (in this case your data center or cloud) and the communications flowing within it. Being able to see and understand your environment is key to properly securing it.
Then, utilize solutions that help you enable Zero Trust across your network. Start by securing your most critical data and assets with Zero Trust solutions. There are a wide variety of tools that can help you do this – i.e., micro-segmentation for your data center, your cloud, segmentation for your laptops, multi factor authentication (MFA), and single sign on (SSO), to name a few.
Remember, there is no one solution you can implement to achieve Zero Trust overnight. It’s a strategy and a practice that requires a plan and commitment. We work hard to keep our students, teachers, staff, and their information secure when we’re in the building — we need to do the same when we’re in the virtual classroom too. Throughout the rest of 2021, keeping students secure will only get harder. It’s imperative to build cybersecurity into your learning models today.