- IT teams face a major challenge: protect school networks with limited budget and personnel
- Experts say it’s no longer a matter of if a school gets attacked, but when
- See related article: Are ransomware attacks the new snow days?
Due to budget and resource constraints, many schools and other academic organizations are only able to implement very basic cybersecurity tools and processes, and this leaves them extremely vulnerable to cyberattacks.
We’ve seen this play out over the past 12 months with high-profile attacks on school districts in Los Angeles, Minneapolis and Tucson, Ariz., among many others. And, because cybercriminals can compromise school networks for big gains with very little effort, we expect attacks on education will only increase.
As the new school year quickly approaches, IT and security teams face a seemingly overwhelming task: protect school networks with limited budget and personnel. The good news is that there is some basic blocking and tackling that can significantly help schools build a strong cybersecurity and cyber resilience foundation, including:
1. Mandating strong passwords. It’s easy to choose a simple password or to repeat passwords across accounts for memory’s sake, but the consequences of doing so can be severe. In fact, according to the FIDO (Fast Identity Online) Alliance, passwords are the root cause of more than 80 percent of data breaches. Educating students and staff about the importance of strong, hard-to-guess passwords cannot be overstated. Research shows that a 12-character password could take 27,000 years to crack and cost hackers $6.4 trillion to do so. Mandating strong passwords is a simple, cost-effective way to strengthen a school’s cybersecurity posture.
For schools that are able to take credentials management one step further, multi-factor authentication is a great option. MFA is a method of authenticating into an account that requires users to present at least two pieces of evidence to prove their identity — something they know (e.g., a password) as well as something they have (e.g., an authentication code via text or email) or something they are (e.g., facial recognition or a fingerprint scan).
2. Implementing a data backup solution. While this will certainly be an upfront investment, it will pay dividends over the long-term. Having backups of your school’s and students’ data can be extremely beneficial for compliance and business purposes, and it can also be extremely valuable in a ransomware attack – where cybercriminals access data, encrypt it and then demand schools pay a ransom to decrypt it. Many schools that don’t have a data backup solution in place pay the ransom in the hopes they’ll get their data back, but this is money out of their pocket they can’t afford to lose, and worse yet, paying the ransom does not guarantee access to the data. However, if you’re the victim of a ransomware attack and have a data backup solution in place, you can evade the ransom demand by simply falling back to the backup version.
3. Taking a security-in-depth approach. Where possible, schools should take a multi-layered approach to security, including using firewalls, anti-virus solutions, anti-malware software, and encryption. Cybercriminals don’t want to work hard to infiltrate a target, so security-in-depth is an impactful deterrent that can help fend off today’s sophisticated hackers.
4. Prioritizing cybersecurity awareness and training. Students and staff are the first line of defense in network security, and they can’t do their part if they aren’t aware of the threats facing them or the actions to take if they suspect they are a victim of an attack. IT and security teams need to make them part of cybersecurity efforts by offering ongoing cybersecurity awareness and training. The best way to get them to pay attention and remember what they learn is to offer short, engaging training sessions on a regular basis, rather than long, drawn-out presentations once a year.
All this said, we’re living in a world where it’s no longer a matter of if a school gets attacked, but when. In this reality, it’s so important that schools have an incident response plan in place, so they know how to react following a successful incident and can do so quickly. Communicating to affected families should be a big part of this plan. Timeliness and transparency are key following an attack. Victims need to know the nature of the attack, what data was compromised, what the school is doing to remediate the problem, and the steps they should take to protect their personal information. From an internal perspective, schools need to take the incident as a learning opportunity – identifying what went wrong, so they can put the right people, processes and technologies in place to prevent a similar attack from happening again.
The bottom line is schools can suffer severe consequences from a cyberattack, including disrupted instruction, impaired operations, financial losses to address the incident, and the exposure of stakeholders’ personal information. By focusing on achievable cybersecurity basics, schools can fight back by building a solid security and resilience foundation that can help them defend against cybercriminals to keep their teachers, administrators, students and families safe.
- Dear parents: 3 ways AI will show up in your child’s classroom this year - September 22, 2023
- Technology is key to educating the next generation - September 21, 2023
- Online PD helps teachers respond to bullying - September 21, 2023