Recently everywhere you turn you hear the term Cyber Security – in the news, at work, over the radio. You get notification from your tech team, not to open certain emails or instructions on how to come up with stronger passwords to further protect your data. Have cyber threats really risen or is it just the topic of conversation for the year?
The truth is that according to insecpro.com, there are approximately 556 million victims per year, over 1.5 million victims per day, more than 232 million identities exposed, and as many as 120,000 Botnets infected “zombie” computers to send out spam each day. In 2013, 59% of ex-employees admitted to stealing company data when leaving previous jobs. In the past two months, Lowellville School District, New Dorp High School, Shorter University, and the University of Chicago, have made headlines for alleged cyber security exposures. Just last week, the U.S. State Department had to shut down its email servers after a malware attack. I think it is safe to assume that the threat is real.
Below is a great graphic illustrating the common types of cyber-attacks. For the complete infographic visit http://www.insecpro.com/index.php/articles/cyber-crime-statistics.
Image from www.insecpro.com
Cyber security measures are a little more difficult in the educational setting. One of the main principles in education is the exchange of ideas and information and as more information migrates into a digital form, school districts have to find the right balance between securing their information infrastructure and making information available to the school community. Not only do administrators have to worry about their own devices, but with schools becoming BYOD and 1:1, they also have to worry about data coming from outside sources.
School districts also have to deal with regulatory issues related to information access and security. When making technology decisions they must consider IDEA (Individuals with Disabilities Education Act), FERPA (Family Educational Rights and Privacy Act), National School Lunch Program (NSLP), HIPAA (Health Insurance Portability and Accountability Act), and CIPA (the Children’s Internet Protection Act) to name a few.
While cyber security may seem like it should be the technology department responsibility, the key to great security is to enlist the help of all departments and have them become your allies in keeping your organization safe. Engage your finance team in learning more about cyber liability insurance and its benefits, as well as security measures to ask outside vendors to make sure all your financial data is safe. Have open communications with your human resources team, and discuss what new threats might affect them. Converse with your public relations team on how they would deal with a data breach, if one were to occur. Explain to the leadership team, how important it is to invest in cyber security and how much it can cost, if a breach were to occur. The cost of doing nothing, is much greater than the cost of putting adequate measures in place and educating the staff.
In conclusion, cyber security threats are rising, they are real, and they are affecting school districts. Districts must be prepared for these attacks and have complete district support on how to handle a breach. To continue the conversation and learn more on how to protect your district, join us at our Cyber Security Institute this May. Click here to learn more.
Tech Talk Live is the only conference of its kind in the region specifically designed for IT pros in education.
1020 New Holland Avenue, Lancaster, PA 17601