Here are some things to remember as threat actors attack schools.
Threat actors who view educational institutions as easy targets are increasingly targeting school systems across the nation.
That means further hassles for IT professionals who are already stressed out in their roles within school systems.
“Threat actors believe schools are vulnerable and [with] underfunding, they think they’re good targets,” John Genter, VP of security and cloud operations at edtech security firm Lightspeed Systems, said during a webinar on school cybersecurity on October 20.
Initially, plan.
Troy Neal, another panelist, said that you must have a plan of action first.
Neal highlighted the security measures he takes as the executive director of cybersecurity and technology operations for the Spring Branch Independent School District in the Houston region.
“I’ve got a five-tier strategy. I’ve got air-gap solutions, and our [colocation], and our [disaster recovery] site. I’ve got good old USB hard drives that are…critical. I’ve got a cloud copy as well, in multiple cloud providers, also validating the backups,” Neal said. “But I mean, overall, you gotta start with a strategy and a roadmap.”
Staff awareness is a component of that roadmap because it is the greatest way to fend off threats.
Neal stated that his team’s “extremely rigorous software onboarding procedure” strives to close any gaps that could allow for a data breach and requires the same of vendors.
But according to Genter, those vendors could be a source of vulnerability for criminals searching for weak spots.
The majority of the time, school districts are obligated to make information on both vendors and apps available to the public on their websites, which can invite attacks.
According to the experts, schools will continue to be desirable targets for cybercriminals.
They are valuable, exposed, and reachable.
Additionally, organized groups will be able to exploit systemic weaknesses.
“The reality today is cybercriminals have organized themselves very efficiently,” Genter said. “They have a level-one support that tries to get the resources and then they escalate it to a level two, who has more skills to get to the next level. And then they escalate to a level three who really knows how to get in and break into things.”—EH
Your business have a plan in place for your cybersecurity ? Cyber Security can start at software updates, and if your businesses computers are not up to date it is a vulnerability in your network. Click Here to contact us today to setup a plan for your business or call us at 903-858-4383