Here's what IT leaders should do as they strive to keep school and district networks protected against myriad cybersecurity threats.

What are the next steps to defend K-12 schools from cyberattacks?

Here's what IT leaders should do as they strive to keep school and district networks protected against myriad cyber threats

All of this means that districts and schools will really need to focus on transitioning the short-term actions they initially took – both to facilitate virtual learning and combat cyber risk – into longer-term and more strategic cybersecurity approaches.

Examining the GAO’s findings

The GAO found that the Department of Education’s guidance to schools needs revision because cyber risk continues to evolve. The report noted that the Department is responsible for developing and maintaining a sector-specific plan to address cybersecurity risks at K-12 schools, and for determining the need for sector-specific guidance.

The GAO has recommended the education department meet with CISA to devise the go-forward plan. And in late December, Joe Biden signed into law the K-12 Cybersecurity Act, which directs the Cybersecurity and Infrastructure Security Agency (CISA) to conduct a comprehensive study of the cybersecurity risks schools face and develop recommendations and resources for schools. That will include a survey and, ultimately, an online training tool kit.

This is constructive guidance and good foundational steps for the future. In the meantime, here are some recommendations as the bigger picture evolves.

Next steps for staying secure

It’s a huge task for the nation’s education leaders to provide accurate guidance and strategy for broad consumption. K-12 education leaders can get ahead by working on their local plans to:

  • Examine their city or county district strategies and processes to address Denial of Service, including video conference disruptions
  • Develop and exercise processes to isolate, eradicate and rebuild following a ransomware attack
  • Educate teachers and students while providing tools for addressing business email compromises and email scams, including use of mail filtering tools.

Pulling all of this together in the turmoil of the pandemic is a challenge for the agencies and departments involved – not to mention the actual schools themselves, which are grappling with limited budgets, staffing shortages, and IT skills gaps (not to mention the overall cybersecurity skills shortage facing almost every industry).

However, schools need to improve cyber hygiene and security posture now. To provide our nation’s young learners with the full cybersecure and safe environments where learning flourishes, additional strategies are needed:

  1. Make security awareness training a priority. Every teacher and staff member should know how to identify phishing emails and know not to click on suspicious links. In addition, make sure you have tested, password-protected backups that are stored offline.
  2. Regularly update and patch your critical systems.
  3. You should also have web application firewalls in front of your learning management system and anything else that’s externally facing.
  4. Develop and test a comprehensive cybersecurity incident response plan — a guide that outlines the steps to manage incidents such as a ransomware attack. The plan should identify members of an incident response team and describe their roles and responsibilities.
  5. Deploy network firewalls and practice network segmentation to separate internet-facing applications from back-office applications. To help prevent email phishing, make sure you have anti-malware and anti-spam capabilities.
  6. Simple, automatic secure remote access that verifies who and what is on the network and secures application access no matter where students and teachers are located is helpful to enable secure learning-from-anywhere.

A fighting chance

Virtual learning, staff shortages, and increased cyberattacks: that’s a difficult environment in which to secure school networks. So, it’s incumbent upon K-12 schools to be proactive in the fight against cybercrime. Taking action now will give them a fighting chance against the bad actors ruthlessly seeking to attack their networks.

Want to share a great resource? Let us know at