Cybersecurity is a major challenge these days, even for schools. In fact, this was demonstrated in July of 2019 when Louisiana school systems experienced a flurry of attacks that caused the state’s governor to declare a state of emergency. School cybersecurity attacks can leave computing systems crippled for days and this is especially detrimental in school systems, since the education of the youth of the country is affected and slowed down significantly. School computing systems contain a plethora of data, with everything from student information, to health records and employee financial data. For this reason, it is quite important that schools stay on top of the cybersecurity challenge and ensure that their sensitive data is protected. However, this can be quite a challenge due to limited school funding. Nonetheless, schools must strive to reap the benefits of cybersecurity preparedness.
Survey of School Cybersecurity Preparedness
On the bright side of things, schools across the board are good at implementing basic cybersecurity systems according to the findings of The Consortium for School Networking (CoSN) in their Fall 2019 K-12 Cybersecurity Cost Report. The report found that school IT employees are consistently making use of firewalls, spam filtering, web content filtering, anti-virus/anti-malware, encryption techniques, and mobile device management deployments to handle simple security threats.
However, due to a lack of school funding, it can be difficult for schools to provide protection against some elements, which isn’t ideal in today’s environment. CoSN, identified a few areas where schools can brush up on cybersecurity in the report. Essentially, schools should put better network monitoring in place and prepare adequate cybersecurity incident response plans. User access security and endpoint security should also be improved.
Benefits of Cybersecurity Preparedness
By being prepared for cybersecurity threats, expenditure on responding to attacks can be slashed, freeing up these funds for other purposes. Another benefit is the knock-on effect of the introduction of educational programs. For example, New Jersey has partnered with the SANS Institute to provide high school girls with the opportunity to learn cybersecurity skills. This allows these NJ students to educate themselves about the opportunities available in the cybersecurity field, while learning how to operate online safely. The program that has resulted from this partnership is the GirlsGoCyberStart challenge. Educational initiatives like this will help keep computing systems safe, educate the public, and open future career opportunities for those who participate.
The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) recognizes the importance of cybersecurity preparedness and in response to the current environment where cyber attacks are so prevalent, they released the Statewide Information Security Manual in March 2018. The manual is a collection of standards and policies which are intended to help organizations to implement risk-based approaches to cybersecurity and to help them to establish protocols for protecting sensitive information and resources. While this manual alone can’t prevent cyber attacks from happening, it can help organizations to protect themselves against threats.
These days, even schools have to be concerned about cyber attacks. While they are doing a great job at implementing basic cybersecurity measures, they lack the funding required to implement more advanced measures which would help to protect the sensitive information stored on school computing systems. However, the cybersecurity situation with schools isn’t all bad news. Programs like GirlsGoCyberStart in NJ are helping to educate people about the measures they can take to establish cybersecurity best practices. The NJCCIC is also taking action from the regulatory side of things. They published the Statewide Information Security Manual which seeks to establish cybersecurity best practices.