We’ve all heard of unexpected school closings due to snow storms and power outages, but there’s a new factor keeping students out of the classroom: ransomware.
Educational institutions face a higher number of cyber-attacks than ever, and these threats can have a devastating impact on students, staff, and institutions themselves. Major universities were among the recently reported victims of a notorious ransomware gang, known for exploiting vulnerabilities within popular digital tools to obtain sensitive data. Last year alone, over 40 universities and colleges across the U.S. — and another 45 school districts — suffered ransomware attacks, with the U.S. Government Accountability Office reporting that learning losses following a cyber-attack can extend as long as three weeks (with full recovery taking up to nine months).
Summer break may just be ending for many parts of the country, but this is no time for school leaders to slack off. Are you rethinking your organization’s cyber defenses?
Just like government and healthcare, education is a high-consequence industry that we must better protect against rising digital threats. Failure to safeguard data common to educational institutions will lead to major repercussions, including identity theft, interrupted learning, reputational damage, financial losses, and even legal action. It’s important for educational institutions (especially those in higher ed) to take steps now to protect themselves from future cyber-attacks — starting with a comprehensive, scalable, and 24/7 approach to cybersecurity.
Why is the rate of cyber-attacks in higher ed increasing?
By nature, higher education is a goldmine of sensitive, value-rich data, including intellectual property, student records, and financial information. Plus, within a higher ed setting, confidential information is more likely to be from individuals 18 years and older, making it easier for attackers to profit from stealing this data (as data from minors is better protected and harder to sell).
Even more tempting for bad actors, educational institutions are often easy targets. Higher education institutions offer what’s essentially an unmitigated attack surface, with upwards of thousands — or in some cases like New York’s SUNY system, tens of thousands — of points of vulnerability.
Each device that comes into contact with an institution’s network — whether that’s a student’s laptop, a teacher’s smartphone, or any other IoT-connected tool — adds to the endless buffet of opportunities for cyber attackers to strike. Educational institutions can’t fall back on common safeguards either: Their digital experiences aren’t streamlined under a single VPN as is common in the corporate world, nor are they concentrated within one easy-to-secure physical infrastructure as may be the case with a warehouse. Higher ed’s attack surface has only grown larger and more vulnerable in recent years, following the uptick in remote learning environments during the COVID-19 pandemic. These virtual expansions added to the myriad dorms, offices, halls, and other physical locations educational institutions already contend with, making security measures even more complex and expensive.
Throw in the fact that higher ed is notoriously under-resourced and understaffed, and the perfect digital storm emerges -- a high-value, poorly protected environment, lacking deep pockets to prioritize cyber threats on par with other similarly sized organizations.
In addition to these default characteristics that increase an educational institution’s attractiveness to attackers, cyber threats are growing in sophistication and aggressiveness in their own right. There’s been a rising volume of high-quality fraud powered by AI, automating bad actors’ ability to quickly exploit weaknesses without sacrificing the authenticity of their attacks. Likewise, attackers are now able to easily target digital touchpoints beyond email — like mobile phones and educational platforms and apps — which are highly trusted and popular channels within educational circles. When a video, audio note, or message feels believable and is shared via a platform that students and teachers frequent (say Slack), users will have their guard down and rarely second-guess clicking a link (even if they know better). That’s perfect news for bad actors.
So, what lessons can be learned from the rise of ransomware, phishing attacks, and other cybercrimes within higher ed? It’s time for decision-makers to change their lesson plans and explore new modes of protecting themselves — and the students, teachers, and many other stakeholders they represent.
Hardening cyber defenses
There are a number of steps higher educational institutions can take to protect themselves from cyber-attacks. Four immediate actions include:
- Educating key stakeholders
It may go without saying among higher ed settings, but education really is key. Start by proactively providing teachers, students, and other staff members with learning resources that help individuals strengthen their everyday defenses, increase their vigilance toward potential threats, and know what to do in the case of an attack. From strong password management to secure browsing techniques, ongoing training helps those within educational spaces see why and how they should take greater ownership of the security of their digital footprint.
Of course, cybersecurity education only goes so far and should be one of many levers educational institutions pull. For example, administrators may prove more dutiful when it comes to completing and implementing cybersecurity training, whereas students cramming for finals will be harder-pressed to buy into your next ransomware course.
- Pursuing grants
Grants offer an important cybersecurity gateway for resource-strapped organizations. In an ideal world, educational institutions wouldn’t need to rely on granted funds to meet rising cybersecurity standards, but resources do exist at the federal, state, and local levels and can be a helpful means of getting started.
If you haven’t already, consider applying to grants such as:
These grants cover a variety of cybersecurity needs and best practices. To find out more about these resources and the next steps for applying, contact your state or local government cybersecurity office.
- Adopting an automated security operations center
No matter how vigilant students, staff, and other stakeholders are, some cyberattacks will still slip past them. Technology helps plug those gaps.
Consider a security operations center (SOC) to start, which offers a centralized environment wherein security analysts monitor and respond to threats. Automating your SOC capabilities saves time and money and reduces dependency on students, educators, and other stakeholders being prepared with human interventions.
Higher ed can also fight fire with fire when it comes to AI. Just as bad actors are using AI to improve the effectiveness and pervasiveness of their attacks, your organization can incorporate AI-automated systems to enhance your SOC capabilities quite significantly. In addition to detecting threats before they act, AI-powered security solutions are dynamic and designed to respond to attacks in real-time. This includes shutting down a threatened machine, disabling a vulnerable account, blocking the visibility of an IP address, and more — erring on the side of continuous, adaptable safety, and 24/7 security.
- Transitioning to a single provider
When it comes to maintaining your SOC long-term, working with a single outsourced cybersecurity provider is often much more affordable than building your own operations center. A single school system can spend thousands or even millions of dollars in ongoing digital maintenance, and the time required to conduct that maintenance and keep skill sets up-to-date with evolving threats is a massive resource investment as well.
When searching for a provider, prioritize a partner that understands the unique limitations and needs of the education industry — particularly any budgetary constraints you face. Likewise, weed out vendors that lack a centralized, “total solution.” Similarly to other enterprise-sized organizations, educational institutions benefit from an integrated platform that simplifies cybersecurity practices. Your partner should help bring together any disparate systems to keep down costs and increase collaboration across your teams and departments.
There’s no easy way around it: Cyber-attacks pose a serious and ongoing threat to higher education institutions. That means it’s time to hit the books and take the required steps to better protect your organization, reducing the likelihood of attacks, safeguarding sensitive data, and ensuring operations — and classrooms — remain undisrupted.
Schools are just returning from the summer break, but a cyber-attack should never put education on hold.
Tony got his start as an Apple Engineer from 1997-2000. In 2001 he founded Tenth Floor, a content management and e-commerce platform, acquired by Bridgeline Digital (NASDAQ: BLIN) in 2008. Tony was COO and ran global sales and M&A for Bridgeline for five years after the acquisition. In 2013 Tony co-founded vLoan.com (under Union Home), an online mortgage provider and financial marketplace, which was acquired by Union Home Mortgage in 2017. Tony co-founded AgileBlue in 2019 and has been president since.