Enhancing Cybersecurity Measures in K-12 Schools to Safeguard Staff and Students

From our trusted partner, CampusGuard

Updated research released this month from Malwarebytes documented a 92% rise in ransomware targeting K-12 education, with nearly half of those against U.S. school districts.  

Ransomware criminals will often focus on hacking networks tied to essential services. K-12 institutions are prime targets due to the amount of sensitive student data and administrative staff records stored within their systems. Schools often possess access to parent data, including Social Security numbers and payment card information.  

In 2022, the Los Angeles Unified School District experienced a severe ransomware attack. Last year, the Minneapolis School District suffered a breach with over 300,000 files leaked, including medical records and discrimination complaints, and a $1 million ransom request. These attacks can persist anywhere from a few days to several weeks, leading schools to disrupt the educational process and suspend classes for an extended duration while network systems and data are restored.  

K-12 school systems have lagged in adopting and implementing security measures such as data encryption and multi-factor authentication, often due to insufficient information technology resources and funding. Educating end users on how to proactively protect themselves and their school community is critical for prevention. Key topics to include within your staff awareness training include: 

• Email Security  
• Password Security (best practices for creating and using passwords) 
• Social Engineering (phishing and vishing prevention) 
• Internet Safety (social media, browsing habits, and personal devices) 
• System Security (software updates, anti-virus, and multi-factor authentication) 
• Data Security (protecting sensitive data types) 
• Incident Reporting (and response) 

Ensuring users can relate to real-world scenarios and lessons learned will empower them to make better, more informed decisions in both their personal and professional lives. It is also important for end users to understand their role in protecting student and staff information, and how to respond to a potential attack or breach quickly and effectively.  

“CampusGuard has served as a trusted partner in IT Security and Compliance across higher education institutions since 2009,” said Andy Grant, Director of Business Development for CampusGuard.“With similar cybersecurity risks and threats increasingly targeting K-12 schools, it only made sense for us to partner with FACTS to help bring our team’s expertise and support to the FACTS school environments. We are excited to to protect schools from compromise with our comprehensive information security and compliance training courses and resources to engage staff with actionable information security best practices.” 

Ready to boost your school’s security posture? Contact [email protected].