New network vulnerabilities and exploits are discovered on a daily basis. The protection that was adequate just a few years ago doesn’t even come close to protecting your school district today. Mid-sized and small K-12 districts used to feel a certain amount of safety in security through obscurity - meaning a feeling that you don’t have anything hackers want - they’ll leave you alone.
However, with today’s automated attacks, everyone is at risk - including school districts. The K-12 Cybersecurity resource center publishes a map that documents schools that have been attacked and have self-reported or have been covered in the media. Many states (like Indiana) do not have any mandatory requirement to report. This means there are many more incidents that have occurred that never made the news.
As a district leader, it’s important to understand the top risks to your school district (and sometimes to you personally) in today’s cybersecurity landscape:
1. Liability - Districts and technology leaders may be held liable for network security incidents. The costs associated with these incidents can be extremely high. We have found that many districts do not have adequate cybersecurity liability insurance - or the wrong type that does not cover all risks. Furthermore, district tech leaders (as individuals) can be sued by families whose data was compromised by a security breach.
2. Reputation - The reputation of the district and leaders can be damaged when the network or district data is compromised. These incidents often become the subject of media focus, creating a public relations disaster.
3. Learning - When the network is unavailable, schools lose precious instructional time. Teachers who are planning to use technology in their classroom will suddenly need to scramble to fall back on non-digital resources.
4. Legal Requirements - Depending on the state and county, there may be legal requirements for how your data is secured. As concerns about data privacy continue to ramp up, more legislative actions will be taken. This will create an even more complex environment for school districts. Schools often have data covered by HIPPA (health/nursing records) and PCI (if your school accepts credit cards).
5. Student Digital Records - Student records could be breached and modified. This risk is not only from external entities, but also students themselves. Breached student records can negatively impact future college applications or employment. Student identities can be stolen and no one will be aware until the student applies for college financial aid.
What is your district’s state of security readiness? How reliable are your operations plans? How well does your district protect data? Contact us to collaborate on a no-charge quick snapshot survey of your overall security posture.
5 FREE Tools for Securing Your Network
Download our list!