COVID-19 caused a disruption in education that many are trying to remediate. Schools across the country were forced to rapidly adopt and scale new technologies to enable remote learning for students. As a result, not all schools were ready nor had the budget to adapt to a remote learning environment with the proper security protocols in place to protect hardware and software.
We’ve heard stories about students sitting outside of Starbucks trying to access Wi-Fi or schools giving out laptops for home use without all of the proper security controls needed to protect their networks. Fortunately, aid has been put in place to provide educational institutions with the funding to help, including the Coronavirus Aid, Relief, and Economic Security (CARES) Act and American Rescue Plan. Both allocated dollars are available to aid educational institutions in transitioning back to school for hybrid learning by implementing new technologies to help bridge the learning loss gap. However, to mitigate new network security challenges, educational leaders must prioritize cybersecurity, including student privacy and risk.
Learning loss is especially prevalent if a school faces cyberattacks such as ransomware, malware, and phishing. However, disadvantaged students living in poverty or experiencing homelessness, learning English, having a disability, or living in foster care may not have access to a secured network and rely on public Wi-Fi to do their assignments. It is critical that educational leaders invest in 24/7 monitoring to detect and block threats among faculty and student laptops to prevent adversaries from getting their hands on sensitive data.
Funds, like those allocated by the CARES Act, can be used to purchase educational technology for students, and most importantly, a Managed Detection and Response (MDR) service to monitor all endpoints, networks, logs, and online accounts to ensure malicious activity is detected before a cyberattack is carried out and further causes unprecedented financial losses. With an MDR service and new hardware and software at schools or remote locations, it is difficult to ensure security in the face of new cyber risks.
The CARES Act was the first congressional relief aid signed into law in March 2020 that directly benefited K-12 schools. It earmarks $30.7 billion under the Education Stabilization Fund to spend on education, among other relief efforts.
In addition to the CARES Act, Congress signed into law the American Rescue Plan in March 2021. This new law includes $123 billion for K-12 schools to help them reopen, with at least 20% allocated to help with learning loss.
Phishing and malware are the two top attack types that our Security Operations team saw this past quarter. This year, we saw an increase in the number of attacks targeting universities and students, with one recent ransomware campaign directly targeting colleges and universities. Last week, a ransomware attack on the Broward School District in Florida brought the possibility of being unable to pay employees or needing to shut down the school temporarily if protections are not put in place – all potentially costing the district more than $20 million to help protect itself from the ransomware incident.
Monitoring and remediating security issues on your network should be top of mind, especially if new hardware and software are purchased for use at schools or remotely. 24/7 monitoring is the best method of defense, but not all organizations can maintain the staff to do that. This is where MDR providers like Pondurance can come in to act as your security operations team or as an extension of your existing team. They will help to uncover security threats at all hours of the day (or night) and either work with you or on your behalf to remediate them.
Are you interested in learning how MDR services could help your organization defend against ransomware and other threats? Reach out to us to discuss!