WEBINAR RECAP: Practical Strategies for Improving School Cyber Resilience

The cyber security landscape in K-12 schools has reached a pivotal point. Despite growing threats, many schools find themselves underprepared, with a significant gap in both resources and readiness to effectively combat cyberattacks.

Our recent webinar hosted in partnership with UncommonX brought together industry experts to discuss practical strategies to address these challenges and strengthen school district cyber resilience.

Here we summarize the discussion, which featured ACP CreativIT Director of Cyber security Rod Kahl, UncommonX CEO Rich Pasewark and Middlebury Community Schools Director of Technology Jeremy Miller. We also recommend actions schools can take today to begin bolstering their cyber posture and resiliency.

The Growing Imperative for Cyber Security in Schools

Recent initiatives by the U.S. Department of Education and the Federal Communications Commission's proposal for a $200 million cyber security pilot program highlight the critical need for improved cyber resilience.

However, according to the CoSN State of EdTech Leadership report from May 2023, while cyber security remains a top priority for the fifth consecutive year, an alarming 66 percent of school districts do not have a full-time cyber security position.

This statistic becomes even more concerning in light of the Government Accountability Office's report that over 600,000 K-12 students were affected by ransomware attacks in 2021 alone, illustrating a dire landscape where such threats are becoming a weekly occurrence.

Key Takeaways from the Webinar

"I often witness data breaches and encounter potential customers who, unfortunately, only seek our help after an incident has occurred. I'd prefer to be proactive. ACP collaborates with UncommonX to detect compromise indicators early, preventing malicious actors from moving freely within an environment."- Rod Kahl, ACP Cyber Security Director 

Securing Adequate Funding

Funding remains a significant barrier, with more than one in five districts having no designated funds for cyber security defense. This issue is exacerbated by an overarching underfunding crisis, as K-12 schools in the U.S. face an estimated annual shortfall of $150 billion. Our webinar panel emphasized the critical nature of securing more funding and strategic allocation to not only address immediate cyber security needs, but also to build long-term resilience.

Understanding and Communicating ROI

The webinar participants stressed the importance of communicating the return on investment (ROI) for cyber security measures. With school downtime from attacks costing billions—as highlighted by a 2022 U.S. Government Accountability Office report stating downtime costs could exceed $9 billion when including colleges—investing in cyber security is not only preventative but also economically measurable.  

Implementing Proactive Cyber Resilience Measures

Practical strategies discussed included:

• The rigorous application of multi-factor authentication (MFA)
• Regular risk assessments
• Comprehensive education on cyber hygiene for staff and students.
• Proactive steps you can take that don’t cost anything.

Jeremy Miller's recount of Middlebury Community Schools' ransomware recovery underscores the necessity of a proactive and well-prepared approach, emphasizing that the recovery from such attacks can disrupt educational processes for months.

“We woke up Christmas Eve morning in 2019 to a ransomware attack, the Ryuk strain. And they probably sat there for a while — UncommonX suggested up to a month — trying to gather as much information as they could. It was catastrophic.”

- Jeremy Miller, Director of Technology, Middlebury Community Schools

See our case study to learn how UncommonX and its 24/7 SOC found where an attack started and sped up the start of remediation when a school network was compromised over the holiday break.

Detailed Best Practices and Solutions

Internal Best Practices: Strengthening Foundations

1. Ensure Multi-Factor Authentication (MFA): As a foundational security measure, MFA should be mandatory across all user accounts, particularly those accessing sensitive data. Schools should address any resistance by educating staff on the benefits of MFA and providing alternatives like hardware tokens for those who prefer not to use personal devices.
   
2. Update Incident Response Plans: Regularly review and update incident response strategies to reflect the current cyber threat landscape and changes in school infrastructure. This includes defining clear roles and responsibilities and ensuring all staff are trained on their roles during a cyber security incident. 
3. Schedule a Security Audit: Conduct comprehensive security audits bi-annually to assess the effectiveness of existing security measures and identify vulnerabilities. Use the insights gained to fortify defenses and prioritize areas needing attention.
   
4. Check all Data Backups: Regularly verify the integrity of backups and ensure they are performed consistently and stored securely. These backups are crucial for restoring operations quickly following a cyber incident. 
5. Reinforce Network Security: Continuously monitor and upgrade network security measures. This includes using advanced firewall configurations, intrusion detection systems, and securing Wi-Fi networks against unauthorized access.

External MDR Solutions: Enhancing Capabilities with Expert Partners

1. Real-Time Alerting: Implement systems that provide real-time alerts on potential security threats, allowing for immediate response and mitigation. This reduces the window of opportunity for attackers to cause significant damage.
2. Investigation, Triage, and Containment: Leverage external cyber security expertise to conduct thorough investigations of security incidents, followed by effective triage and containment of threats. This helps minimize the impact and scope of an attack.
3. Remediation in Concert with IT/MSP: Work closely with Managed Service Providers (MSPs) or internal IT teams to implement remediation strategies swiftly. This collaboration ensures that recovery is handled efficiently, and system vulnerabilities are addressed promptly.
4. Monthly Reporting & Review: Regular reports and reviews are crucial to understand ongoing threats and the effectiveness of current security measures. This allows for continuous improvement and adjustment of strategies based on real-world results.
5. Vulnerability Management: Use external resources to continuously scan for and address vulnerabilities within the school’s digital infrastructure. This proactive approach helps prevent exploits and secure potential breach points before they can be attacked.
6. Broad Integrations; Rapid Deployment: Ensure that cyber security solutions integrate seamlessly with existing school IT systems and can be deployed quickly to respond to emerging threats. This integration enhances the overall security posture by allowing for a unified defense strategy. 
   

Taking the Next Step

Along with illuminating the growing cyber risk facing K-12 schools, the webinar highlighted small steps institutions can take to put their districts on a path to improving cyber resilience. As the landscape of digital threats evolves, the need for schools to advance their cyber security measures becomes increasingly urgent.

By fostering a culture of proactive cyber resilience and securing the necessary resources, schools can protect their communities and ensure that education remains uninterrupted in the face of cyber threats.

Our commitment to safeguard educational institutions remains unwavering. Explore UncommonX’s MDR for Education solution and reach out to us at info@acpcreativit.com to learn more.

Watch the full video here: