All educators hold a huge responsibility in identifying and mitigating cybersecurity risks. Many people wrongly assume that cybersecurity falls solely under the watchful gaze of the technology department. However, hackers target educational institutions at all levels, including students, professors, and other staff. Regardless of position or level of access, nobody can shirk responsibility, and everyone is susceptible to cyber threats.
When compared to other industries, the education sector is especially vulnerable to cybersecurity incidents. According to a recent report by Check Point, the education sector witnessed a 44% increase in cyberattacks in the past year. This alarming statistic highlights the pressing need for enhanced cybersecurity measures in educational institutions.
As K-12 school districts strive to bolster their security infrastructure, cybercriminals are constantly evolving and adapting to exploit any vulnerabilities. They operate with unfettered freedom, disregarding academic schedules and seeking opportunities to wreak havoc—some people just want to watch the world burn. For instance, cybercriminals often take advantage of peak academic periods, such as the start of a new semester, to launch malware attacks when students are returning to school.
Schools harbor a treasure trove of valuable data, including intellectual property, confidential research findings, medical records, and personal student information. Unfortunately, due to limited funding, K-12 districts often struggle to allocate resources for the latest security measures. While companies have a centralized IT environment, school districts typically have the opposite, presenting multiple entry points for cybercriminals to exploit.
So, how can K-12 education leaders, information security teams, and professors take the difficult hand they have been dealt and combat these cybersecurity vulnerabilities? Let's explore some strategies.
Key Cybersecurity Risks
According to recent research conducted by the Cybersecurity and Infrastructure Security Agency (CISA), the most prevalent cybersecurity threats faced by K-12 districts are phishing, malicious cyber actors, data breaches/doxing, domain spoofing, and end-of-life software.
● Malicious cyber actors: Districts face threats from malicious cyber actors who aim to compromise their security. These actors, whether individuals or groups, engage in activities like hacking to gain unauthorized access to sensitive information. According to a study by the K-12 Cybersecurity Resource Center, there were 408 publicly disclosed cybersecurity incidents in U.S. K-12 schools in 2020.
● Doxing: School districts also face the risk of doxing, where personal information of students, teachers, or staff is maliciously compiled and published online. This can lead to harassment, identity theft, and other harmful consequences.
● Phishing: Phishing attacks targeting K-12 involve fraudulent emails disguised as trustworthy sources, aiming to trick recipients into revealing sensitive information.
● Domain spoofing: Districts are vulnerable to domain spoofing, where cybercriminals register web domains similar to legitimate ones associated with the institution. This can deceive users who mistype URLs or click on similar-looking links, leading to potential data breaches or malware infections.
● End-of-life software: The use of outdated software and equipment in K-12 districts exposes them to significant security risks. With end-of-life software, the lack of patches, updates, and technical support leaves vulnerabilities unaddressed, making schools more susceptible to cyberattacks.
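To make the domain spoofing risk concrete for an IT team, here is an added example (not from the original article) that screens domains seen in mail or web logs against the domains a district really owns. The district domain, the character map, and the distance threshold are assumptions chosen for illustration.

```python
import unicodedata

# Constructed allowlist: registered domains the district actually owns.
LEGIT = ("springfieldschools.example",)

# Illustrative (not exhaustive) map of characters swapped for look-alikes.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(domain):
    """Normalise a domain so visually similar spellings compare equal."""
    d = unicodedata.normalize("NFKC", domain.strip().lower().rstrip("."))
    return d.translate(CONFUSABLE).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain, legit=LEGIT, max_dist=2):
    """Return (verdict, matched legitimate domain or None)."""
    d = domain.strip().lower().rstrip(".")
    for own in legit:
        if d == own or d.endswith("." + own):
            return ("legit", own)  # exact match or a subdomain the district controls
    sk = skeleton(d)
    best = min(legit, key=lambda own: edit_distance(sk, skeleton(own)))
    if edit_distance(sk, skeleton(best)) <= max_dist:
        return ("lookalike", best)  # close enough to fool a hurried reader
    return ("unrelated", None)


def review(domains):
    """Verdict per domain, for a batch pulled from logs."""
    return {d: classify(d)[0] for d in domains}
```

This check covers misspellings and digit-for-letter swaps only; names that embed the district's name inside a longer one, or that use non-Latin look-alike characters, need separate handling.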
Senior Leadership's Role
As mentioned above, the responsibility for cybersecurity can no longer be delegated solely to IT departments. A study from the UK government found that around four in five (82 percent) of boards or senior management teams rate cyber security as a ‘very high’ or ‘fairly high’ priority, a slight increase from 77 percent in 2021.
It could be easy for a senior leader to think that cybersecurity is not their prerogative and that it should be left to the experts. However, there is a balance to be struck here—leaders in education should support from a distance, not intervening in the mundane day-to-day but providing the resources and support for the team to succeed.
To fulfill their responsibility, senior leaders should prioritize investment in cybersecurity initiatives, allocate adequate resources for training and awareness programs, and collaborate closely with IT teams to implement robust security measures. Additionally, they should foster a culture of accountability and encourage staff and students to report any suspicious activities or potential security breaches promptly.
From a senior K-12 educator standpoint, you should work closely with the technology department to conduct regular security awareness training. Educate faculty, staff, and students about cybersecurity best practices, including how to identify phishing emails, create strong passwords, and recognize social engineering tactics. Ongoing training and awareness programs can significantly reduce the risk of successful cyberattacks.
Furthermore, you will need to establish an incident response plan that lays out the necessary steps in the event of a cybersecurity incident. This plan should include roles and responsibilities, communication protocols, and a clear escalation process.
From the IT side, there are a few absolute must-dos for your team to be aware of:
- Encrypt sensitive data: Implement robust encryption protocols to protect sensitive information—encryption ensures that even if data is compromised, it remains inaccessible to unauthorized individuals.
- Regularly update and patch systems: Keep all software, operating systems, and applications up to date with the latest security patches and fixes. Regular updates will help address vulnerabilities and protect against emerging threats.
- Secure data and network infrastructure: Segment networks to limit access and monitor network traffic for suspicious activity. Additionally, consider using data access control solutions to authenticate and authorize devices connecting to the network and accounts accessing data.
- Backup data regularly: Implement a robust data backup and recovery system to ensure that critical data can be restored in the event of a ransomware attack or data loss. It’s worth regularly testing the restoration process to validate the integrity of backups.
By implementing these mitigation strategies and fostering a culture of cybersecurity awareness and accountability, K-12 technology teams can enhance their district’s resilience against cyber threats and protect sensitive data.
The education sector faces significant cybersecurity risks, and it is crucial for K-12 education leaders and teachers to proactively address these vulnerabilities. By staying informed about emerging threats, collaborating with technology and business teams, and implementing robust security measures, school districts can create a safer digital environment for students, faculty, and staff.
About the author
Charlie Sander is CEO of ManagedMethods, a Boulder, Colorado-based data security and student safety platform for K-12 schools. With more than three decades of experience in the IT industry, Charlie has been an executive at some of the fastest-growing companies in business. He holds 10 patents and graduated from the Cockrell School of Engineering at the University of Texas at Austin with a BSEE degree.