Ransomware is a growing problem for organizations, including schools
What is it?
How does it happen?
Why does it happen? $$$ – $7bn in 2021
Who’s doing it?
We are all on the front lines now
Problems for Schools
Down time for school personnel, distraction from mission
Inability to access data; closure of schools
Loss of data, identity theft, invasions of privacy
Technical and legal fees
How Can Schools Protect Themselves
Have air-gapped backups
Conduct routine cybersecurity audits and threat analysis
Training and education for all members of the school community
The greater the access, the more training is needed
Particular focus on phishing (leading attack vector) and other intrusion methods
Competent and thorough IT department
Patch, patch, patch
Limit ability to install new programs without thorough testing
Collaboration with law enforcement
Take advantage of increased funds for cybersecurity
Bipartisan Infrastructure Law
American Rescue Plan Act
Increased interest in cybersecurity offers great opportunities for education and job training
How Much Should Schools Share with the Public?
Organizations often face a temptation to not report cybersecurity breaches
Have a thorough response plan in place; review and update on a regular basis
Consult with law enforcement to avoid interfering with investigation
Communicate quickly and thoroughly with parents if (when) a cyberattack occurs
Increased transparency helps define the scope of the problem and risk factors for others