K-12 schools recorded a record-breaking number of publicly disclosed security incidents in 2020, including student and faculty data breaches, ransomware, phishing, social engineering and denial-of-service (DoS) attacks. The K-12 Cybersecurity Resource Center’s State of K-12 Cybersecurity 2020 Year in Review noted an 18% increase in cyber incidents from 2019.
IT leaders must continue working with administrators, students, teachers and parents to stop security breaches and prevent future attacks. As these institutions increasingly become targets for ransomware attacks, events, where school infrastructure can be compromised, may happen at any time. A strong cybersecurity foundation is essential for schools of all sizes to plan for and prevent the possibility of these incidents.
Assess & plan
To increase access to technology while avoiding compromise, K-12 security leaders first need to gain visibility into their resources, beginning with a security risk assessment, to identify gaps and weaknesses across networks and infrastructure. These assessments also measure cyber preparedness and the ability of each institution to identify, protect, detect, respond and recover from ransomware or other cyberattacks and vulnerabilities.
Once there is an established baseline, security leaders should develop a comprehensive plan to gain continuous visibility across endpoints and networks. Securing a school’s endpoints from malware and phishing attacks is critical to establishing a greater security perimeter for student and faculty workstations, laptops, tablets and other devices that may be compromised.
Adopting a cybersecurity framework is also an essential step to manage risk to systems, assets, data and capabilities. One leading example is the NIST Cybersecurity Framework which helps IT leaders identify assets, evaluate what they need to protect, detect anomalies and events across their infrastructure, and focus on response and recovery planning. NIST also produced an Online Learning Framework — which provides a common language and systematic methodology for managing cybersecurity risk — to help security leaders manage hybrid and remote situations.
With a plan in place, it’s time for districts to implement digital best practices and necessary technology solutions.
Strike the balance
Finding the balance between access and security is a constant struggle. We know increasing access to technology is an essential part of the learning process, however, it is often IT that feels the pain of pushing for increased security. Teachers and administrators have a desire to provide easier and greater access to learning tools, but the challenge is finding a solution that doesn’t put students’ safety at risk. We need to seek technologies that push the access models for our young people while keeping a cyber-safe approach.
To illustrate one example of how to strike that balance, consider this common decision IT departments struggle with across the country. Applications that enable communication and collaboration have the potential to make personally identifiable information (PII) public to the world. Some schools block these tools, while others see them as essential for collaboration. Rather than trying to determine if restricting these apps is the best option, find technologies that allow for collaboration while limiting the leakage of PII. When we see the opposing forces that make striking that balance difficult, we can identify solutions that can continue to push the access we seek.
Monitoring & protecting
School leaders need to focus on holistic data protection and threat management solutions, especially for IT and security teams that suffer from depleted resources and budgets. Ensuring networkers are constantly monitored and protected from the classroom to the data center to the cloud should remain a top priority.
Deploying servers with built-in cybersecurity controls and a protected supply chain ensures a robust and layered security approach. Endpoint protection solutions help to detect, investigate and respond to advanced threats across endpoints, network, and cloud environments. These intelligent and automated tools help effectively identify authorized users and nefarious threats from outside school networks.
Especially as schools begin to adopt cloud solutions and a multi-cloud environment, intelligent software-defined solutions that detect unusual patterns, send alerts and protect data while ensuring compliance, and streamlined cloud recovery and restoration activities, will better defend critical data in the care of security teams.
By deploying solutions such as a physically isolated data vault with immutability for critical applications and data, schools can significantly lessen the impact of cyberattacks and resume operations rapidly should a security incident occur.
Best practices
Part of any comprehensive security transformation also requires education and awareness. It is important to build a culture of security awareness for every stakeholder in the education process, from IT staff, educators and administrators to students and parents. This strategy should include a regular cadence of training around maintaining good cyber and technology hygiene.
The threat landscape for education security leaders continues to grow, especially as new models of learning—including hybrid, blended and remote situations—arise. A focus on planning and finding new security solutions will limit classroom disruptions and boost learning outcomes.
By adopting these best practices, schools can provide the right balance of access and protection while facilitating student-centered learning.
Matt’s passion is helping customers make learning a more interactive, hands-on experience. As a former K-12 science teacher, he helped redefine a Virginia based school district’s approach to professional learning and re-envision teaching and learning practices. Additionally, he was the lead architect behind the district’s student laptop deployment. Matt holds a master’s degree in Educational Administration and Supervision from Virginia Commonwealth University.
More from DA