October is Cybersecurity Awareness Month, bringing recognition to the importance of protecting one’s data and technology from online threats. This year, that awareness is more important for the education sector than any other, as cyberattacks continue to target education more than any other sector.
Cybersecurity Awareness Month has been celebrated each year since 2004 as a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA).
Here’s a look at what you need to know to promote cyber awareness in your school or district.
It’s important to recognize the scope of challenges facing education IT teams.
Microsoft consistently finds that the education sector reports the highest number of enterprise malware attacks. In September 2022, education victims represented 80% of all attacks.1
Further, SentinelOne found that, in July, the education sector experienced double the number of weekly cyberattacks compared to other industries.2
Check Point Research also found attacks against the education sector grew by 75% compared to the prior year.3
These cyber attacks may or may not be successful. But cyber criminals are skilled at exploiting small gaps in cyber defenses, particularly gaps in human awareness or attention.
According to the 2019 Verizon Data Breach Investigation Report (DBIR), the top cybersecurity concern for education is “miscellaneous errors,” which account for almost 35% of successful data breaches.4
In 2020, the average ransomware demand was $312,493. That is a high number for any school district to pay, but unfortunately, the cost of remediating ransomware can often be much higher than the ransom itself, due to costs associated with fines, technology upgrades, crisis communications, and third-party security consultancy fees.
Successful breaches are not only expensive for districts to remediate, they can have long-lasting effects on students’ lives. Compromised student personally identifiable information (PII) can be used to commit identity theft. Parents rarely conduct credit checks on their children, so it can take years for identity theft to be recognized.
For a school’s cybersecurity efforts to be successful, cyber awareness has to be an ongoing state of mind among administrators, IT teams, teachers, and students. Here are five ways to help foster an environment of cyber awareness:
October is a great time to remind everyone in your school or district to change their passwords across accounts. New passwords should be significantly different than previous ones; contain a combination of uppercase and lowercase letters, numbers, and symbols; and be easy for the individual to remember but difficult for someone else to guess.
As IT managers, staff, and students come and go, it can be challenging to keep up with access policies. Take time this October and throughout the year to double check your access policies and ensure any now-unauthorized users are removed.
Take advantage of Be Internet Awesome, Google’s microsite of games and curricula related to digital safety. Share this resource with teachers and encourage them to let students play Interland, an online game that teaches key lessons of digital safety.
Every district should have a cybersecurity response plan that outlines where different types of data are stored, how to recover lost or compromised files, the chain of command and communications, relevant vendor contact information, and other key information admins and IT teams would need in the event of a breach. You can also run a phishing drill by sending a fake phishing email to teachers. The point isn’t to punish teachers who fall for the scam, but to help them be more cyber aware.
If you’ve been operating with legacy software or a free web filter, you may have holes in your lines of defense. Consider whether it’s time to upgrade to more robust, AI-driven web filtering, endpoint protection, and other security software that can automate many of your security tasks and keep your students and network safer.
Read 10 Ways to Support Internet Safety in Schools & Colleges.
If you’re ready to upgrade your security suite, Lenovo can help you make a big change on a reasonable budget. We’ve partnered with some of the best security solutions providers in the world to offer discounted bundle pricing when you purchase their solutions along with our own industry-leading software. See the bundles here
Cyber awareness is the first key to cybersecurity. Use Cybersecurity Awareness Month as a reminder to shore up your systems and sharpen your approach. Even small preventative measures could be the key to protecting your students, networks, and budget from the devastation of a data breach.
Receive the latest EdTech news and Lenovo NetFilter updates delivered directly to your inbox.
Sign Up
