From education to employment

The Four Cybersecurity Lessons to Teach Schools

Immanuel Chavoya, Emerging Threat Detection Expert, SonicWall

With schools out for summer, the education sector can’t quite switch off yet. Several high-profile cyber attacks have put education systems on edge. The Kellogg Community College cyberattack in Michigan, which severely disrupted IT services, cancelling classes and exams in the process, shows there is still much to be done to protect the education sector.

The sector has been a prominent cyber target for a while, the higher education sector in particular, due to research programs that house valuable data. A 2022 Mid-Year Threat Report finds that ransomware attacks have climbed 51% since last year, while malware is up 22%. A recent survey found that a third of UK schools lack cybersecurity policies. Another example dates only back to May 2022, when a breach of education software provider Illuminate Education exposed data of over 1 million current and former students across New York State. According to recent data from SonicWall in 2021, the education industry saw a 152% increase in ransomware attacks; and an average of 22% were targeted by malware attacks each month. Clearly, cyberattacks are relentlessly rising.

As many industries grapple with growing cybersecurity threats, the education sector must use this time off wisely and take new steps to safeguard digital assets, protecting its infrastructure and the lives of its students.

There are four key steps that educational institutions must take to invest in their security.

1: Adopt a security mindset.

In practice, there are two cybersecurity mindsets. One belief that has grown popular in the past few years assumes that no matter how protected you are, bad actors will get in, using network monitoring to identify and mitigate threats. The other belief involves guarding the security perimeter to stop bad actors from gaining access in the first place.

Both of these philosophies have their merits – guarding the perimeter to make the life of a cybercriminal more difficult and monitoring the network in the case that these protections do not suffice. This is incredibly important for education institutions in particular, given the large number of devices on their networks; which has only grown in the wake of remote learning.

2: Setting up a safe and secure school perimeter

To effectively ensure that education institutions can guard their perimeter, they must look to adopt a Zero Trust Framework. This is the process of requiring continuous authentication and validation of all users trying to access before allowing them into the data and applications of the situation. For a sector with so many users and often small IT teams, this can be quite the challenge. However, it is an essential step to ensure that data remains not only secure but in the right hands.

Schools must also be sure that users have the correct tools and know-how to protect themselves from security threats. A 2021 Data Breach Investigations Report by Verizon, found that 85% of breaches involve a human element. They are the first and arguably most important line of defence in establishing a strong and secure network. By implementing stronger password policies as well as multi-factor authentication, you set up users for longer-term safety by adding another layer of protection. With the growing presence of the cloud in the education sector, this is of grave importance, as many education tools can now be accessed from anywhere with only a password.

Training users at every level: students, teachers and staff watching out for signs of a potential cyberattack is another important lesson. Business Email Compromise (BEC) is a common attack vector; a type of social engineering scam that is used by bad actors to get these users to hand over sensitive information including login credentials. These are the costliest forms of attack; with a 2020 report by the Internet Crime Complaint Center finding that from 19,369 BEC reports, over $1.8 billion was lost. If users are better trained to spot these sorts of attacks, they are less likely to hand over the keys to the educational kingdom.

3: Safeguarding and navigating public networks

Education has relied on digital enhancement for years, and networks play a key part. From accessing online resources to administering attendance, it powers schools, but it also acts as a vulnerable entrance for bad actors to enter. One method of improving Wi-Fi security is by implementing a content filtering service. This compares requested sites against databases which will deny access to websites that can be potentially harmful.

To ensure proper network safety though, more can be done. A crucial way in identifying security threats and performance issues is to bring in a network monitoring system. Enabling this ensures systems can operate at a high level, securely. Network segmentation is also of great importance. By dividing networks into smaller parts, should a bad actor enter and threaten to take a network offline, they won’t be able to shut everything off.

4: Create a Cyber Plan-B

As cybercrime increases, educational institutions cannot afford to have their head in the sand. It is only a matter of time before your school becomes a target. It is therefore of utmost importance that education providers have an independent response and disaster recovery plan in place, should the worst occur. Alongside backing up any mission-critical data, the plan should involve immediately informing users of the next steps in the wake of a suspected cybersecurity incident. IT and security teams are then able to quickly respond and minimise damage.

The threats facing the education industry are unlikely to slow down. However, if education providers use this summer break wisely, they will be able to better prepare themselves and enhance their chances against opportunistic cybercriminals.

By Immanuel Chavoya, Emerging Threat Detection Expert, SonicWall


Related Articles

Responses