Establishing security measures to prevent further cyberattacks is an important step in a district’s cybersecurity strategy—particularly in the wake of security risks from at-home learning during the global pandemic

How schools can take cybersecurity to the next level


Establishing security measures to prevent further cyberattacks is an important step in a district’s cybersecurity strategy—particularly in the wake of security risks from at-home learning during the global pandemic

In a recent report released by the K12 Security Information Exchange and the K-12 Cybersecurity Resource Center, cyberattacks on school districts increased by 18 percent in 2020, with a total of 408 disclosed cyberattacks. According to the Center, this is the highest number of attacks seen on the education industry ever. As students and teachers continue in-person and remote learning, this will not be the end of cyberattacks that bring education to a complete stop. To ensure students can continue to learn, there are ways to prevent schools from being targets for bad actors.

Educational institutions should follow the NCSC’s advice to do the basics: patch aggressively, ensure antivirus software is enabled and updated, and, critically, ensure that data is backed up and restoration of that data has been tested.

Looking at the current landscape, schools should not wait for a cyberattack to occur before acting. Schools must implement mandatory awareness training for all staff to reinforce how to respond and react to a suspected attack of any type. This should not just stop at faculty and staff; students should also receive training to ensure they know to flag suspicious activity. Additionally, schools need to develop an incident response plan to ensure they are prepared to defend against a cyberattack and continue schooling without interruption.

It is essential for the education industry to create a solid foundation by investing in technologies, security solutions, and processes that formalize their ability to detect cyberattacks as early as possible. These technologies can help institutions protect themselves by supplying important context into abnormal behaviors, flagging known indicators of compromise, and accelerating threat detection and response. Prevention is an important first step, but detection and response are vital because no prevention technology is perfect, and cybercriminals do not stick to one method of attack.

At the beginning of the COVID-19 pandemic, it is likely that in the rush to enable remote learning schools made some compromises to cybersecurity. Solutions that were deployed to support new ways of learning in the pandemic should be proactively reviewed to ensure any compromises that were made are at the very least understood and risk managed.

This incident is a reminder that it is time for a conversation about how cybersecurity for the education sector should be funded. Cybersecurity is not just a concern for large companies and should be appropriately funded at the state and local government level to ensure that our children can learn without disruption.

The attack against the 15 UK schools, along with so many others we have seen throughout the last year, serve as a reminder that no one is immune, and cybersecurity is not just an issue for large enterprises – it is an issue for every organization. The education industry must take a proactive approach so that students can continue to learn from home without interruption, and that their data and that of staff and parents is kept secure.

Want to share a great resource? Let us know at submissions@eschoolmedia.com.