When it comes to improving network security, the question asked is usually “Can we afford it?” But with Cyber Crime evolving every day, the question should now be “Can we afford not to?”
NBC News recently told the story of hackers breaking into Minnesota Public Schools, stealing highly sensitive data on teachers and school children, and publishing it. This data included descriptions of students’ behavioral problems and teachers’ Social Security numbers. The article goes on to quote Doug Levin, the director of the K12 Security Information Exchange, a nonprofit that helps schools protect themselves from hackers. “The fact of the matter is, school districts really should be treating this more like nuclear waste, where they need to identify it and contain it and make sure that access to it is restricted. Organizations that are supposed to be helping to uplift children and prepare them for the future could instead be introducing significant headwinds to their lives just for participating in public school.” The article also reports that “at least 122 public school districts in the U.S. have been hit with ransomware since 2021 with more than half — 76 — resulting in the hackers leaking sensitive school and student data.” In the case of the Minnesota Public Schools, the hackers had demanded $1 million in ransom, which the district did not pay. Instead, they are now paying clean-up costs, and paying for offering credit monitoring and identity theft protection services to the victims.
(To see the article in full - https://www.nbcnews.com/tech/security/students-psychological-reports-abuse-allegations-leaked-ransomware-hac-rcna79414)
It is stories like this that change the conversation from “Can we afford it” to “Can we afford not to.” As you can see, Cyber Security is becoming more like health, home or auto insurance – something that most people feel is essential for their overall well-being. If you have not done so already, it may be time to re-think cybersecurity priorities in your school district.
This week’s suggestion:
- Talk to your Tech Director about what Cyber Security he/she feels is important for your district's well-being, but can’t fit into the current budget
- Continue (or start) the process of coming into line with the NIST Cybersecurity Framework guidelines
If you would like more information on help with improving your Network Security or navigating the NIST CSF journey, please contact Lisa MacDougall at lmacdougall@csiny.com or call 845.897.9480.