We’re now two years into the COVID-19 pandemic and we continue to see massive digital transformation and innovation shaping the way we live, work, and learn. Technology supports the transformation of every industry imaginable–especially education. New models of learning, such as hybrid, blended, and remote, have led to more accessible education for many. However, with many devices moving out of schools and into the often less-secure homes of students, teachers, and administrators, K-12 cybersecurity threats have become more prevalent. The digitalization of schooling has created an environment that gives cybercriminals even more of an opportunity to target K-12 schools.
We know that schools are under attack. In just one month in 2021, educational organizations were hit by 5.8 million malware attacks – and that’s just what was disclosed publicly. One of the largest incidents involved 1.5 terabytes of data, including academic transcripts, resumes and financial support documents, being exposed due to unsecure processes and storage.
The realities are deeply appreciated by our school leaders. Respondent data from a recent survey found that 86 percent of K-12 and higher education institutions believe their organization has increased exposure to data loss from cyber threats with the growth of staff and students working and learning from home. Yet, despite the prominence and perceived awareness of such threats, 67 percent of those respondents are concerned their existing data protection measures may not be sufficient to cope with malware and ransomware threats. Therefore, educational institutions must urgently take action to improve their protections.
Reflect: Conduct a Risk Assessment, Adopt a Cybersecurity Framework, Balance Risk
To be successful in goal setting, it’s important to reflect on what areas need to be improved and what areas are already in a good place. A cyber risk assessment from a qualified cyber professional is an essential first step in ensuring a school can mitigate losses and recover from cyber threats.
Analyzing systems, assets, data, and capabilities properly identifies risks so security professionals can formulate a plan of action to improve a school’s cybersecurity posture. The focus should be placed on K-12 cybersecurity preparedness with a strong emphasis on developing an incident response plan encompassing multiple scenarios, such as ransomware and other attacks.
The National Institute of Standards and Technology’s Framework is a starting point for building a new cybersecurity plan or strengthening an existing one. The Framework Core identifies and documents cybersecurity activities and outcomes for organizations to manage and control, giving schools a better understanding of cybersecurity risk management. The Framework Implementation Tiers can help to identify the appropriate level of rigor for a cybersecurity program, and is often used to communicate risk appetite, mission priority and budget. Framework Profiles can be used to prioritize opportunities for cybersecurity improvement.
Tools that provide students access to information or encourage collaboration are beneficial to students and faculty, but can be a challenge to many IT security professionals. Taking on that challenge is essential to the advancement of many school programs and to enable students to be competitive in the ever-changing digital world. By seeking solutions that benefit both parties, schools can continue to provide excellent educational opportunities while also minimizing cyber risks.
Refresh: Educate Students and Faculty on K-12 Cybersecurity
With cybersecurity incidents and attacks becoming more frequent in the news, the need for good cybersecurity practices is generally understood. But it’s always helpful to re-emphasize the need for good practices and refresh education.
Everyone plays a role in cybersecurity, so it is essential to maintain a secure environment with minimal risks. Scheduling recurring training with security professionals will build a culture of understanding the threats, risks and mitigation efforts. While many may view this as tedious and time-consuming, the benefits will pay dividends in the future.
Reset: Implement Monitoring Programs
Strong monitoring and protection solutions ensure timely detection and response against active threats in a way that minimizes the risk of a successful attack. A starting point is to identify well-known vendors and suppliers with an established record that can provide extra resources and support if necessary. Using a secure supply chain to purchase and utilize technology solutions that feature built-in cybersecurity controls can further mitigate risks and data spillage.
Many adoptees of cloud-based solutions have found that they can further utilize intelligent software with artificial intelligence to detect unusual patterns, create remote alerts and have another layer of protection against cyber threats.
Revamp: Seek the Right Talent
When possible, school districts should evaluate ways to revamp their cybersecurity human resource capacity. These are hard conversations for school leadership to have. The potential of dedicating funding to new, difficult-to-hire, highly valued professionals, can be at the expense of important programs. However, many schools have more managed users than our country’s largest companies serving some of our most vulnerable people. Part of human capacity evaluation should explore the adoption of new operating models, such as incorporating “as-a-service” offerings that seamlessly extend the capabilities of the cybersecurity practice through qualified service providers. This is paramount to the detection and response phases of an attack, though also highly impactful in the case of recovery.
There should also be a shift in mindsets to align with standard cybersecurity strategy, particularly as it relates to the top cybersecurity role in any organization, namely the role of chief information security officer. This role has not enjoyed the same level of adoption in K-12 as in other segments or industries. School districts should strongly consider appointing a person with the unique responsibility of leading K-12 cybersecurity efforts in every school and/or district as appropriate.
The past two years have changed how the world thinks and operates. We are likely to see even more changes to our school environments over time, but also recognize that remote learning isn’t going anywhere anytime soon. What’s important right now is finding and establishing flexible and scalable solutions that will limit cyber breaches, today and in the future.