Building Your District’s K-12 Cybersecurity Posture
K-12 institutions are under attack, and cybersecurity is very much on the radar of district CIOs and superintendents. With the increased use of technology in schools over the last five years, cybersecurity attacks at the K-12 level have increased significantly.
Because of their complicated attack surfaces and exposure to third-party risk, school districts are used as testbeds for bigger targets. In the edLeader Panel, “Building and Supporting a K-12 Cybersecurity Posture,” experts representing industry partners and schools tackled the challenges of managing the cybersecurity strength of districts.
While cybersecurity has always been under the IT department’s purview, the panelists agreed that accountability and awareness are the whole school community’s responsibility. The financial, instructional, and organizational impacts require all stakeholders, from classroom teachers to district leaders and school boards, to assess the current security measures and invest time, money, and ownership in cybersecurity prevention and mitigation processes.
Also, due to the prolific threat of ransomware, districts need to perform thoughtful business impact and risk assessments to identify the most critical assets in the environment, determine worst-case scenarios, and gauge the long-term implications for the district. Only then can sound decisions be made when faced with an attack.
All the panelists highly recommended that districts implement a crisis-response plan based on an industry-tested framework such as the one from NIST, the National Institute of Standards and Technology, which is built around five domains of expertise: identification of risk, prevention of risk, detection, response, and recovery.
Another critical component of a district’s cybersecurity posture is purchasing cybersecurity insurance. Such a policy, which can include coverage for extortion and business interruptions, is essential to mitigating some of the district’s costs associated with an attack. For example, in 2021, the average price for a ransomware attack was $3.8 million on a $40-50k premium policy.
While the coverage is worth it, the increase in ransomware attacks has left districts frustrated with skyrocketing costs and reduced cybersecurity insurance coverage. Because of this, the panelists recommended a systematic plan to identify security gaps in IT infrastructure, continuous cybersecurity training, and constant awareness of attacks.
While preventing cybersecurity attacks is the responsibility of the entire school community, CIOs have the daunting challenge of monitoring and managing ongoing risk assessment and security plans. The panelists recommended that, based on the risk assessment developed by the district, CIOs and superintendents focus on the critical components so that, if an attack happens, it has the least detrimental impact on instructional and business operations.
Also, implement a SIEM, a security information and event management platform that collects and aggregates log and event data to help identify and track breaches. These robust systems are invaluable to district IT professionals, providing real-time insight into what is happening in their IT environment and a record of relevant past events.
Learn more about this edWeb broadcast, “Building and Supporting a K-12 Cybersecurity Posture,” sponsored by ENA.
Blog post by Eileen Belastock, based on this edLeader Panel.