Ransomware attacks and data breaches continue to show no signs of slowing down. Companies across many industry verticals fall victim to what seems to be an almost daily occurrence. Most recently, the education sector is proving to be an easy & attractive target.
Recently, the K-12 Cybersecurity Resource Center’s K-12 Cyber Incident Map reported its 535th publicly which means the number of data breaches against K-12 school districts in 2019 has overwhelmingly surpassed 2018’s total.
K-12 school districts, higher education, and even commercial companies working with educational institutions are at risk. Every year, more schools make the transition into the cloud and security falls further behind. The adoption of cloud technology in schools means that not only must security teams have the resources to monitor for suspicious and malicious activity from the outside, they must also be better equipped to monitor for potential threats from inside as well.
Schools today cannot function without education-oriented cloud technologies and applications. Computers, laptops, and cloud applications like Google G Suite and Microsoft 365 are now as essential to a school supply list as notebooks, binders and pencils. Teachers and staff members use these cloud-based productivity applications as much as they do email, spreadsheets and word processing.
Tight budgets & funding shortages mean that securing district networks is often deprioritized. Here are three approaches that school districts should take to protect themselves moving forward.
Focus on Prevention – Not Mitigation
Most school don’t have a staff member dedicated to handle cyber security incidents. Because of this, bad guys & hackers find it easy to make education a target and the mindset must shift from “if an attack happens” to “when an attack happens.”
Many NJ schools have made the transition to administration and classroom operations in the cloud. The issue is that securing data in cloud applications is an afterthought. As a result, schools are leaving student data vulnerable to identity theft, fraud and other emerging threats.
By shifting the focus to secure applications and data before an attack happens, rather than after, school districts will be better prepared to protect students, staff and operations against an external attack, or internal incident.
Data Loss Prevention – Make IT a Priority
There are numerous data security and privacy requirements mandated by laws and regulations, such as the Children’s Internet Protection Act (CIPA), Family Educational Rights and Privacy Act (FERPA), and the Children’s Online Privacy Protection Act (COPPA). Under some of these regulations, an organization may be penalized for each lost or stolen record, which can add up quickly. Beyond that, there are other penalties for failing to protect data school districts must be thinking about.
They include the loss of personal and financial data such as payroll information, school financial information as well as student’s personal information. Schools across the country have also been forced to shut down for days at a time due to ransomware and safety systems attacks, interrupting academic achievement and safety for students.
School districts don’t have the huge security budgets of large companies and, unfortunately, are key targets for many cyber criminals. When thinking about preventing data loss, implementing tools and solutions are what most think of doing as the first step. Data loss prevention tools can monitor user activity — of both staff and students — to detect improper or unusual behavior.
Educating staff and students on the most common types of internal incidents caused by human error and the various external threats they may come across can go a long way in helping with your Security initiatives. It also requires planning and documented processes by the school itself to be better prepared and protected.
Minimize Internal Threats
The increase in adoption of cloud applications means schools must also improve their security to prevent an internal incident. School districts that have recently transitioned to the cloud may not realize cyber security means more than securing a network with firewalls and gateways. It also means securing the data within the cloud environment — even when an individual and device physically leaves the premises.
For example, a member of a school’s faculty — or a student — could be at home and click on a phishing link. That link has now granted hackers access to the school’s cloud environment. Hackers are then able to pass through any firewall and gateway schools have in place, and can download and share any files they want, which is why schools must also monitor the activity taking place on the inside of their environment. Most worrying of all, schools may never know the breach took place unless the hacker discloses it, which is what is typically seen in a ransomware attack.
Verizon’s 2019 Data Breach Investigations Report found that nearly 32 percent of breaches involved phishing, 34 percent involved internal actors and that errors were causal events in 21 percent of breaches. Focusing on cloud application security as much as network or endpoint security will help minimize the internal threats that could occur throughout the school year and will help prevent sensitive data from leaving a school’s environment.
Hackers are becoming more sophisticated in their attacks, and they are increasingly viewing schools, districts and higher education institutions as easy targets.
Remember, better security doesn’t have to be expensive or complicated. It does have to be configured correctly, and continuously monitored for vulnerabilities and potential breaches. Otherwise, hackers will go unnoticed in their attacks. The time is now for school districts to focus on prevention and stop hackers in their tracks. For more information on how to keep your school safe contact our team at 973-607-2140