Recent research shows an alarming 84 percent increase in reported cyberattacks against the education sector over the past six months. Recent high-profile victims include some of the largest K-12 school districts in the country, including the Los Angeles Unified School District, the Minneapolis Public School District and Chicago Public Schools.
We tend to think of big corporations and government agencies as the prime focus of hackers. However, analysts say education is now the third-most hacked sector, behind financial services and healthcare. School districts are often targeted due to their large databases of sensitive information such as Social Security numbers, financial information and medical information.
Disrupted Learning
Beyond compromised information, it’s the impact on students that makes these attacks so damaging. Attacks commonly target critical systems such as student information databases, learning management systems and online platforms used for assignments and assessments. They can result in canceled classes, delayed exams and lost instructional time — all of which limits students’ educational opportunities.
The U.S. Government Accountability Office (GAO) recently attempted to quantify the impact on academic progress and performance. According to the GAO’s analysis, K-12 students lose up to three weeks of learning in the wake of a cyberattack. The GAO further estimates that schools will spend up to nine months and $1 million to recover from an attack.
Given the increasing reliance on technology in the classroom, it’s no stretch to think that cyberattacks on the education sector will become more frequent and damaging in the near term. That’s why improving cybersecurity for K-12 school districts was a key topic of discussion among IT professionals during the recent Florida Association of Management Information Systems (FAMIS) conference in Daytona. Verteks was a gold sponsor of the event.
Cost-Effective Strategies
Of course, school districts can’t just throw money at their security problems — budget constraints will limit the types of security improvements most K-12 schools can make. With that in mind, much of the discussion about K-12 security revolves around effective measures that are not particularly costly or complex.
Chief among these is a continual emphasis on awareness and preparation, including ongoing education and training programs for staff and students. Topics should cover safe web searching, identifying potential phishing scams, maintaining privacy and good social media behavior.
Keeping all software and operating systems up to date is crucial for addressing known vulnerabilities. Regular updates and patching should be prioritized to ensure the security of devices, applications and network infrastructure.
It’s also important to monitor the network constantly for potential security threats, respond quickly to alerts, and regularly review the log files of systems and security devices. If you don’t have the expertise or manpower to do this in-house, a reputable managed services provider can usually provide this necessary service for an affordable, fixed fee. A provider can also leverage economies of scale to provide advanced measures. These include managing and monitoring firewalls and intrusion prevention/detection systems, threat management, endpoint security and much more.
Cyber threats are a rising concern for K-12 school districts, but improved security doesn’t have to bust the budget. Establishing a best-practice approach to security and educating staff and students about safe usage are essentially cost-free activities. A managed services provider can provide more sophisticated measures for a reasonable price. Give us a call to learn how Verteks can help you improve your security posture.
