Why is there an increase in Information Security Incidents?
In 2019, U.S schools were an attractive target for ransomware . With COVID-19 they have become even more popular as the pandemic caused a massive disruption in how education is delivered to students. Barracuda research shows that attacks on schools and universities made up 15% of attacks in 2020, compared to 6% in 2019.
Greater reliance on technology- With remote learning becoming the new normal, the reliance placed on technology has increased amongst faculty and students. This said, schools should place more of an emphasis on cyber security training to spotlight top threats.
Schools are a big target for cyber criminals- With confidential databases of student and faculty information, schools have always been a huge target for cyber criminals. According to the Childrens Internet Protection Act educational institutions must ensure that sensitive data is properly protected to prevent these types of targets.
Significant vendor security incidents- It is critically important to have clear cyber security standards for school vendors and other third party practices. As you will read in the next section breaches and unauthorized disclosures account for nearly 60% of K-12 cyber incidents.
Greater public awareness and reporting - Teaching students and faculty how to stay safe online has quickly become more than just a compliance requirement. It is critical to create a greater cyber security awareness and reporting program to protect educational institutions against the security threats.
Given the lack of attention to cyber security training, lack of awareness from faculty, staff, students can be a major threat to a school's network. . The types of cyber incidents and threats that can target a K-12 school vary from ordinary spams emails to complex account takeovers . Schools should be aware of the following threats:
Breach or Unauthorized Disclosure- In 2019, most publicly disclosed data breaches were caused by parties that were known to and already part of the school community. When it comes to unauthorized disclosure, the top two profiles to watch include (1) current and former K-12 staff (2) Vendors/Partners with access to data and relationship to school district.
Malware- A form of software specifically designed to cause damage to technical assets or gain access to a remote system. This type of threat is usually distributed through email attachments or URLs leading to malicious content.
Ransomware- A form of malware that works to encrypt a users files. Once this is done, hackers then demand a financial ransom from the victim before restoring access to data. If a school system becomes a victim of ransomware, not only will the schools system be shut down for weeks, but the overall cost of data recovery can run into the millions of dollars.
Phishing - A tactic that uses fraudulent emails to gain confidential information such as network credentials and passwords, from users. Phishing cal also include installing malicious software through fraudulent downloads and attachments.
K-12 Cyber Incidents in the News
Comply with a recognized information security standard or framework- NIST, CSF, and ISO 27001 are well recognized among business and government agencies as best practices for cybersecurity management. School systems can certify for ISO compliance, which makes it easy to demonstrate a security posture to stakeholders. ISO also offers a 27701 certification for data privacy, which can help schools meet CCPA requirements.
Invest in information security compliance software - Good software tools can take the complexity out of creating a robust security program, developing policies, and meeting ISO and NIST requirements. Orrios' Ontrack® is an easy-to-use, cost effective platform that contains a complete policy library. Request a demo today.
Develop or update your security policies - With remote learning becoming the norm during Covid-19 it is critically important to have both a remote and on-campus security policy on hand. Check out our free checklist to see if your school is on track.
Frequently test your security program - Cyber security tests, such as security scans and penetration testing, should be performed frequently in order to check on any suspicious activity. With busy IT, it is important to have a knowledgeable managed service provider, like Datalink Networks, take care of these tasks. Chat with a representative today to discuss or schedule your free scan.