top of page
Staff

Schools Face Increasing Cyber Risks and Need for Protection

The educational sphere, encompassing students, educators, parents, and staff, is facing not only physical safety threats but also increasing digital dangers. Charlie Reisinger, the chief information officer at Penn Manor School District in Pennsylvania and a professor at Millersville University, highlighted the constant cyber threats faced by schools.


In 2022, nearly 2,000 schools across 45 U.S. districts were targeted by cyber attacks, almost doubling the number from the previous year, as reported by Emsisoft.


Schools struggle with insufficient funding to combat these cyber threats, according to Josh Heller of Digi International. The Penn Manor School District, with its 5,500 students, is a typical example, generating millions of data points vulnerable to cybercriminals.


These hackers target student data ranging from personal information to academic records, posing a significant risk to their future credit and emotional well-being.


Reisinger, speaking to the U.S. Senate on behalf of the Pennsylvania School Boards Association, underscored the long-term financial and emotional impact of identity theft on students. The challenge is compounded by the vast number of devices and people in schools, creating more opportunities for security breaches.


Warren Young of Absolute Software emphasized the risks associated with lost or compromised devices. Ransomware attacks, which hinder learning by causing downtime and requiring costly recovery efforts, are a primary concern, as noted by Heller.


These attacks also report significant costs beyond financial losses, including the impact on student learning.


Federal funding and regulations are critical in combating cyber threats in schools, with industry professionals looking to the government for solutions. Opportunities for improvement include increased funding and regulatory measures like California's Age-Appropriate Design Code Act.


Reisinger advocates for closing the cyber talent gap through partnerships between schools and local universities, offering internships and apprenticeships.


Young stresses the importance of auditing and encrypting data on school devices, while Heller highlights the role of responsible vendor disclosure and staying informed about potential vulnerabilities.


School districts must be vigilant in identifying and responding to cyber breaches promptly, as emphasized by the IBM Data Breach Action Guide 2022. Multi-factor authentication is essential for security, with experts recommending physical security tokens over SMS confirmations.


Despite the challenges, the cybersecurity industry in education is collaborative, focusing on communal strategies, layered security, and cyber hygiene to protect the educational environment from inevitable cyber attacks.

bottom of page