Cybersecurity remains a major problem for K-12 schools. In fact, it’s ranked as the primary concern among EdTech leaders in 2023. The future of cybersecurity in schools is a pressing concern, marked by the dynamic interplay between emerging trends, practical tips, and cutting-edge tools.
This article explores the evolving nature of cybersecurity in educational institutions, delving into the key trends shaping the landscape, offering practical tips for maintaining a secure learning environment and highlighting the latest tools that empower schools to stay ahead of cyber threats. As we navigate the ever-changing digital terrain, understanding and adapting to these developments is essential to ensure a safe and secure educational experience for students and educators alike.
Current cyberattack trends in schools
It isn’t hard to understand the concerns around school cybersecurity. Not when you consider that incidents are happening left and right - with one in four schools hit by cyberattacks in 2022 - and technology is only becoming more prominent in the classroom.
Several incidents in recent years have proven to be very costly. These incidents include a 2021 cyberattack on the Broward County Public School District of Florida. The district received a ransom request for $40 million.
Other attacks were costly in a different way. The University of Kentucky uncovered a breach that saw 335,000 email addresses compromised, although those email addresses weren’t limited to the university.
The University of California was also affected by a breach in 2021, with the leak affecting employees, students, current applicants, and almost everyone connected to the school system.
The rise of ransomware attacks in education
Ransomware attacks have become particularly prominent in schools. In 2021, ransomware incidents were the most frequently reported cyber attacks in schools for the first time in history. It didn’t fare any better in 2022 when at least 45 schools were victims of ransomware attacks.
Ransomware has undoubtedly caused havoc in schools as of late, and protecting against this cybersecurity threat is one of the biggest challenges for K-12 IT directors. So, it would make sense for schools to work hard to include a defense against this type of breach in their cybersecurity plan. Ransomware is an attractive route for hackers, as they have potential access to both administrative records and student data. That’s in addition to parent data, such as credit card information and Social Security numbers.
The above K-12 Cyber Incident Map includes 62 ransomware attacks in K-12 schools in 2021. These incidents showed no regional bias, with reports from districts of varying sizes across 24 states.
The other types of data breaches included in the graph are:
- Student data breach: A breach that compromises K-12 student data.
- Invasion: A threat actor cracking into a video conference to cause trouble.
- Other: Other breaches include malware and password guessing.
- Denial of Service (DoS): Cyber attacks with the purpose of rendering a service inaccessible.
- Defacement: Website penetration designed to display the hacker’s messages.
- Business Email Compromise (BEC): Phishing emails that target businesses.
Current and future cybersecurity concerns
As security threats become increasingly sophisticated, the consequences will only become more expensive. Cybersecurity Ventures predicts that the cost of cybercrime will reach a staggering $10.5 trillion by 2025. Schools that fail to plan for future cybersecurity attacks could be making an expensive mistake.
Schools must remain aware of and prepare to defend against evolving cybersecurity threats. An increase in IoT, AI, cloud usage, and remote work expands the attack surface, which is why it’s so important to remain alert. Here are some examples of technology that create opportunities for cybercriminals to exploit.
Increased use of Internet of Things (IoT)
Research firm IDC estimates there will be 55.7 billion connected IoT devices by 2025, generating 73.1 ZB of data. On the one hand, the speed and scale of this data is exciting. On the other hand, it’s frightening - it only makes sense to make this data as secure as possible moving forward.
Cybercriminals may already be preparing to exploit that vast increase of connected devices, further strengthening the case for more robust cybersecurity. With schools increasing their connection to IoT devices, the need to secure the data of students and staff will only grow.
Cyber threats associated with 1:1 device programs
A March 2021 survey from Education Week revealed that 84% of elementary schools and 90% of middle and high schools provided each student with a device. With more devices circulating among students, it only presents more opportunities for hackers to access school networks.
The rise of hacker automation
Cybersecurity attacks are becoming increasingly automated. While attacks were once targeted and carried out manually, they’re now on autopilot. Hackers generate code that does their work for them, allowing them to work faster and at a larger scale.
According to the U.S. Cybersecurity & Infrastructure Security Agency, schools and other small- to medium-sized enterprises are particularly at risk, primarily due to their limited cybersecurity resources.
Human error
Human error will always be a valid concern regarding cybersecurity. One innocent slip-up could result in a breach that leads to a mass leak or a ransom, requesting millions of education dollars.
It would seem that too many schools are unprepared for the future of cybersecurity. Some 26% of teachers say they haven’t received security or digital privacy training. That schools are aware of the risk involved in human error makes this statistic particularly concerning.
Emerging tools for the future of cybersecurity
Decision-makers are turning to various tools and strategies to keep up with the increasing threat of cybercrime in schools. Let’s explore some emerging technologies poised to help the future of cybersecurity in schools.
Artificial Intelligence (AI) and Machine Learning (ML)
AI and ML enable schools to analyze vast amounts of data and threats far more quickly than ever before possible. These technologies can counter cybercrime by identifying patterns in user behavior and detecting irregularities and anomalies within the network.
All this data and analysis allows AI and ML to combat potential security threats in real time. As these technologies already impact various industries, it’s fair to expect them to play an essential role in the future of cybersecurity in education needs.
A well-structured device lifecycle management system
Device lifecycle management helps ensure that technology is well used from the moment of acquisition to the day it goes out of service. There are five phases of device lifecycle management:
- Planning: Involves creating a budget and determining the criteria.
- Acquisition: Includes vendor research and establishing a purchase plan.
- Deployment: Comprises configuration, management, training, and device distribution.
- Usage: Written usage policies need to be created and shared, including policies on information and maintenance.
- Maintenance: The better the maintenance, the longer the device’s lifespan.
- Recollection: Retrieving devices from students once the school year has ended.
- Disposal: A disposal plan ensures that the device doesn’t end up in someone else’s hands.
Device lifecycle management encourages schools to keep up with the latest technology and to continue evaluating if they need to update their devices. This system can help improve cybersecurity by simultaneously adding security software to all devices, using software to monitor network and location, and updating anti-malware software.
Zero trust approach
Zero trust is a cybersecurity strategy that assumes all devices and individuals are trying to access locked resources even if they aren’t. As a result, it requires numerous verifications and authentications.
A zero-trust approach is the principle of strict access and not trusting anyone, even those inside your network. The security model requires strict verification for any user and device attempting to access information on a private network.
As we’ve already said, cybercrime is becoming increasingly sophisticated. Considering that, a zero-trust security approach would suit any school's cybersecurity strategy. The main benefit of zero-trust is that it reduces an organization’s attack surface. It’s also useful for damage control in the event of an attack by restricting the breach to a single small area.
Insisting that each request be verified reduces threats from using vulnerable devices like IoT devices. It’s also useful for identity and access management (IAM), including multiple authentication factors.
Increased multi-factor authentication
Multi-factor authentication (MFA) reduces the effects of phishing attacks and user credential theft. Cybersecurity in schools shouldn’t rely on passwords alone. MFA creates an additional layer of security by presenting users with a challenge to authenticate their details. Today’s MFA is fast and easy, which explains why schools are moving in that direction.
Cloud security
Cloud security is made up of various security measures intended to protect cloud-based data, applications, and infrastructure. These measures ensure device and user authentication, data privacy protection, and resource and data access control.
The technology protects school data from hackers, malware, distributed denial of service (DDoS) attacks, and unauthorized use or user access. Cloud security can benefit schools by:
- Helping to achieve reduced upfront costs.
- Reducing administrative and operational costs.
- Improving DDoS protection.
- Increasing availability and reliability.
- Enabling more straightforward scaling.
5 tips for keeping your school cyber safe
Much of online education for students has focused on Internet privacy and safety - and for good reason. However, it’s important to focus on keeping student accounts and identities safe and away from the prying eyes of hackers. Below are three tips for updating your school’s cybersecurity to stay safe in the increasingly vulnerable virtual world.
#1 Adopt a cybersecurity framework
A cybersecurity framework provides a “best practices” outline for measuring cyber risk tolerance and establishing controls. Having this solid foundation allows you to establish a comprehensive approach to cybersecurity that includes policies, procedures, and technical controls aimed at reducing the risk of school data breaches or cyberattacks.
There are many different types of cybersecurity frameworks, each meant to protect against different types of cyber risks. The two that are most relevant for school systems are the National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS). Both of these resources are a great way to get started to improve the future of your school’s cyber security.
#2 Invest in cybersecurity training
As discussed, human error will always be one of the main concerns regarding cybercrime. Unfortunately, there are almost infinite ways this can play out. These can broadly be placed into two main buckets: errors of skill and decision-making.
- Errors of skill: Errors of skill occur from lapses and slips. These tiny mistakes crop up when users perform everyday tasks. They know what to do but fail to do the right thing due to negligence, a mistake, or a temporary lapse of judgment. They could be tired, distracted, confused, or simply weren’t paying attention.
- Errors of decision-making: Several factors can be involved when it comes to making an error in decision-making. Often, these factors include insufficient knowledge, inadequate information regarding the specific circumstance, or a failure to realize that inaction is a decision in itself.
Cybersecurity training addresses each of these categories. This training can help raise the employees’ awareness level regarding cyber security threats, reduce the risks of cyber attacks, and help install a security compliance culture within the company. For student learning, check out these guides for teaching digital citizenship.
All hands on deck
Security is not a tech problem - all administrators must be involved in executing a cybersecurity plan, especially the school’s principal. Principals are ultimately responsible for making the decisions that ensure the well-being of school students and staff. It’s vital that they advocate for proper cybersecurity software and training and regularly raise awareness around tech security.
When addressing future cybersecurity strategies, principals must include an initiative for every employee to undergo cybersecurity training. It allows them to develop the skills to identify potential attacks and take the necessary precautions to prevent them.
Another important aspect of this is IT monitoring. IT monitoring is a collection of processes and products that determine whether or not an organization’s IT services and equipment are working correctly. It also identifies and helps resolve issues.
According to Gartner, IT downtime costs $5,600 per minute on average. IT monitoring uses basic tools, as well as AI-based advanced solutions, to predict and prevent outages from occurring. As IT infrastructures are more complex than ever, IT managers must install systems that enable them to keep up. IT monitoring isn’t just critical to an organization because it ensures system performance, it also sees that essential services remain operational.
#3 Implement an incident response plan (tabletop exercises)
Priority number one is preventing a cyberattack, obviously. But your school’s cybersecurity plan is incomplete without planning for the “what if.” That’s where an incident response plan comes in, also called a tabletop exercise.
A tabletop exercise (TTX) is a preparedness activity meant to simulate the experience of a school cyberattack. That way, should it happen, everyone is on the same page on how to handle it. Through the tabletop exercise activity, you should define the strategy and share answers to the following questions:
- What happens if a school data breach is discovered?
- Who should the cyberattack be reported to?
- What roles will staff, administration leaders, IT personnel, and law enforcement play?
- What resources are available?
- What will the breach notification look like and who will be responsible for sharing the information?
You may want to include additional questions unique to your school in your incident response plan. The main objective is to make sure that everyone is aware of what to do in the event of an attack so that, if one happens, there’s no confusion or panic.
#4 Update your security software
Relying on out-of-date software is like leaving your home unattended for a week without closing the windows. Cybercriminals are always looking for holes to exploit, and uninstalled updates only help them do just that.
Updating school cybersecurity software takes only a few minutes. It’s also far less convenient than dealing with the effects of a cyberattack. To make it even easier, you can automate security updates and patch management. Security vulnerabilities are publicly reported daily, allowing cybercriminals to move quickly to exploit those new vulnerabilities. Patch management is the process of planning, testing, and implementing software updates or patches to address these vulnerabilities and improve the security and functionality of computer systems.
Automation also can help prevent school staff from falling for bogus updates. They’d be right to be suspicious of an unexpected email or a pop-up message telling them to click on a link and download a software update. Fake updates are one-way cybercriminals prey on the lack of knowledge of their victims. Updates should only be run or downloaded from trusted locations or sources.
#5 Be mindful of the physical aspect of security
While being cautious of cybercrime is mainly about digital protection, there’s another side to it. And that’s related to physical devices.
For instance, teachers should encourage students to lock their devices - smartphones, tablets, laptops, etc. - when they leave them unattended, even within the school. Otherwise, anyone in the vicinity could potentially access them.
Students should also be careful of who they give access to their devices. Trusting their parents is one thing, but handing their phone to someone they only know casually to “quickly look up something online” could end poorly.
Navigating the future of cybersecurity with Prey
The increase in cyberattacks in schools remains a concern, especially with our growing reliance on technology in the classroom. However, with committed, proactive leaders, schools can fight cybercrime and create a safe environment for students and everyone connected to the school network.
Leaderscan reduce the risk and impact of cyber threats by developing a cybersecurity strategy for schools, investing incontinued education andthe latest technology, and consulting with professional cybersecurity experts. Education leaders have a responsibility not only to face the challenges but also to take advantage of these opportunities.
Recovering from a breach is time-consuming and expensive. By working with Prey, you can help to avoid this nightmare scenario. Prey will help ensure you have a robust cybersecurity system and can identify and thwart potential attacks.
With this system in place, your students, staff, and families will have confidence and trust that they're in a protected digital space. Schedule a call with Prey today to take advantage of our edu discount and create a safer digital future for your school.