With unprecedented breaches in 2019, cybersecurity for school districts in New Jersey has become top-of-mind.
Galloway Township Public Schools, a school district in New Jersey, lost over $200,000 in a cybersecurity incident in late 2018 after a series of fraudulent wire transfers that left district administrators shocked. This incident also breached employees’ login credentials, but luckily the families and students of the school district were not affected. Just a year later, the Livingston School District (another New Jersey school district) had classes delayed after a ransomware attack. This attack forced the school district to pay a ransom, ostensibly for their compromised data. These incidents are some of the prime examples of how cybersecurity breaches can devastate unsuspecting and unprepared school districts.
What is the cost of a data breach?
The cost of the breach can vary depending on the amount of data that was compromised. In the average breach, there are over 25,000 people’s data stolen and each person’s data costs nearly $150 to retrieve. This amount is likely a similar cost to a New Jersey school district being breached; over 5 districts within New Jersey have over 25,000 students enrolled. This cost doesn’t take into consideration all the legal and regulatory consequences from the state and federal agencies after a school district breach or ransomware attack. Additional consequences can include stopping of funding, school investigations and possibly school shutdowns.
How much data can be stolen in a breach?
The amount of data that can be stolen varies on the type of cyber attack a school district experiences. If a school faces a massive ransomware attack, almost all their data will be stolen and held for ransom until they pay a certain amount to the hackers. School districts often forget how many students and employee data they have; after healthcare institutions, Some of the information that school districts have on students include addresses, emergency contacts, health records, social security numbers, private healthcare information and more. A data breach leaking any of this information can be catastrophic, especially at the scale of many of the NJ school districts today.
What does a cybersecurity assessment do for a school district?
Cybersecurity assessments are a great first step for school district administrators to examine any vulnerabilities, loopholes and the general security of their systems. The major benefit of a cybersecurity assessment is awareness. School districts are often unaware of the eminent cyber risks that their schools are exposed to. Depending on the location of your school district, there are regional and state regulations in regard to cybersecurity that your district must comply with. For example, New Jersey schools have specific corollary regulations in regard to employee and school data.
Additional benefits of cybersecurity assessments include:
- Risk/threat mitigation
- Educates administrators
- Helps craft an action plan for cybersecurity protocols
Looking to tighten up your school cybersecurity posture? If you’d like to learn about how a cybersecurity assessment can help your New Jersey school district, contact us here for a complimentary consultation.