Layered Cybersecurity Approaches: Why Schools Need to Prioritize Them
By Charlie Sander, CEO of ManagedMethods
The cybersecurity landscape has become more and more complex over the years, especially for schools because they are now relying on various types of digital platforms for teaching, learning, and administrative tasks. There is a mountain of different threats, such as ransomware and data breaches, that are regularly hitting schools. For example, in February earlier this year, the behaviour management platform, Class Charts, experienced a data breach that led to parent reports showing data from completely different pupils from other schools.
The most effective strategy for mitigating these threats is with a layered cybersecurity approach. Today, we’re going to dive into how this can improve school security and discuss how to maintain these various layers
The Cyberthreat Landscape in Schools
In the last ten years, the education sector has seen a massive increase in cybersecurity incidents. According to a recent report by the Government Accountability Office, the number of cyberattacks impacting schools has increased significantly from 2016 to 2020—and that trend is continuing today. These incidents can expose sensitive student and staff information as well as disrupt school operations and drain financial resources.
How Does Layered Cybersecurity Work?
Layered cybersecurity is essentially the idea of employing multiple layers of control in order to protect an organization’s information systems. This approach is based on the idea that no single measure is going to be effective at defending against all threats 100% of the time, so if one level fails the overlapping layers of defense can secure the system.
There are a number of key components to bear in mind:
First, Domain Name System Management (DNS) is crucial for preventing cyberattacks that are looking to exploit any vulnerabilities in DNS. A DNS almost functions like the internet’s contact book, so keeping it secure means that hackers cannot redirect users to malicious websites or disrupt network operations. Next, regular scanning of the network will help to detect malware and prevent breaches, while anti-virus software is a fundamental layer of defense that detects and eliminates malware. Updates need to be made regularly so that software can respond in good time to evolving threats.
Most schools also conduct their operations in the cloud with applications such as Google Workspace and Microsoft Office, and yet only a small amount of cybersecurity budgets are actually assigned towards protecting cloud data. This is where a Cloud Access Security Broker (CASB) should be implemented to monitor the cloud domain for suspicious activity, then automatically alert you to potential threats.
On the human side of things, staff need to be well-educated and vigilant on the subject of cybersecurity. Unfortunately, human error is one of the biggest risks to a system, from the likes of phishing emails and unsecured websites. Additionally, staff need to be aware of the importance of two-factor authentication across all devices and the dangers of using unauthorized software when connected to the school network. As an extension of that, it can be helpful to have a list of approved applications on the network.
Finally, although it may seem obvious, physical security with controlled access to server rooms and surveillance systems is absolutely crucial.
Why Do Schools Often Overlook Layers?
Schools have increasingly been moving to a 1:1 device model for students, which has significantly increased the number of endpoints on education networks and accessing data stored in the cloud. With many of these devices going in and out of the school’s network, maintaining security on all of these devices and on the network has become much more complicated. Furthermore, budget constraints present in all K-12 schools compound the issue; they lack the resources to defend themselves.
Reliance on legacy hardware and software due to budget restraints only makes schools more vulnerable. Outdated systems may not be able to take on security updates. Further, given how complex school district’s information systems can be, it can be really tough to maintain a cohesive cybersecurity strategy. Additionally, although there are very talented and dedicated individuals working in school IT departments, there is often a lack of trained and dedicated cybersecurity personnel.
How Can a Layered Approach Actually Help with Budget Issues?
There’s no doubt that most key stakeholders in school districts look at cybersecurity programs as an unnecessary expense. But, by ignoring cybersecurity, they are replacing a small problem with a much bigger one. In fact, according to IBM, the average cost of a data breach in 2023 was almost $5 million.
Schools are a goldmine of intellectual property, and the price to pay for exposing them is absolutely enormous. Even without paying a ransom, schools are paying a significant amount of money for technology and services related to recovering from an attack. They can also suffer from reputational damage. Additionally, data leaks and attacks can lead to lawsuits, particularly when personally identifiable information is involved. One example of this is the class action lawsuit currently taking place against Clark County School District after suffering an attack.
A layered approach can better safeguard a school’s digital infrastructure against the mountain of threats they face daily. The fact is that breaches are bound to occur, but a layered approach helps to minimize their impact so that sensitive data is better protected and the cost of recovery does not have to be astronomical. Schools may see cybersecurity as something they can easily skimp on, but prioritizing a layered cybersecurity framework is both a necessity and an investment in the future of education.
About The Author
Charlie Sander, CEO of ManagedMethods, has over 30 years of IT industry experience. Charlie holds ten patents and earned a BSEE degree from the University of Texas at Austin’s Cockrell School of Engineering.