Tech Tidbit… Cybersecurity is everyone’s responsibility

June 21st, 2023


Cyber Security has grown into an issue that needs to be addressed by everyone in a school district, not just by the Director of IT. To that end, we are starting a weekly bulletin series aimed at helping School Business Officials, who generally own the district’s risk management responsibility, become more knowledgeable about the scope of the Cyber Security risks all school districts face. It will be sent directly to School Business Officials that opted to receive these bulletins. This week’s bulletin addresses the evolution of the Cyber Security landscape and stresses the importance of staff education and the role they play in keeping the district’s network and data safe. So in this week’s tidbit, we will revisit one of the most critical topics - the idea of email security.

Please remind all school staff to be mindful of their email inboxes……...

According to a recent post from SentinelOne, education is the most targeted industry with an average of 2,297 cyberattacks against organizations each week in the first half of 2022; a 44% increase compared to the first half of 2021. In July of 2022, the education sector experienced double the number of weekly cyberattacks when compared to other industry averages.

The start of a new school year can be stressful for everyone. New students, new technology, new processes, and procedures. In addition, many school district employees are still dealing with the aftermath of the stress they experienced during the pandemic. Not everyone is at their best. The bad actors know all this. They are counting on it. All they need is one over-stressed and distracted person to make one mistake and click; we are off to the races with a malware event.

We continue to see first-hand the uptick in malware delivery attempts in the email filtering systems we monitor. Do you see the same things? Do you have a way to see infected email delivery attempts in your environment?

I have mentioned many times how email is now the number one attack vector for pushing malware into your school district. Are you prepared to defend against this?

The sophistication of bad actors using email as an attack vector has been going up dramatically. Relying on only the basic SPAM protections provided in cloud service provider email becomes a riskier and riskier proposition for your school district. Have you put some form of advanced email protection in place?

We have also talked about the need for advanced endpoint protection on your most critical servers and endpoints to help guard against and contain that click that will inevitably happen. Are your endpoints protected? How about all those remote access users connecting to your network from home?

With all the current inflation-related financial pressures, it is sometimes difficult to talk about continuing to ramp up your district's cybersecurity posture. But the bad actors aren’t waiting for the economy to become more favorable; they are ramping up their efforts with even more vigor. Imagine having to add mitigating a ransomware attack into all that you are dealing with right now.

Hopefully, you can honestly answer that your tools are in place, and you are well prepared for what is coming. If not, talk to our team; we are here to help.

In the meantime, remind your entire district staff, now more than ever, to think before they click. The bad guys are smart, their attack methods are more sophisticated than ever and are out there just lying in wait.

-Bob Knapp