The U.S. Government Accountability Office (U.S. GAO) has released a report showing that schools remain vulnerable to cyberattacks. Kindergarten through grade 12 (K-12) schools have reported significant educational impact due to cybersecurity incidents, such as ransomware attacks. The U.S. GAO report says that learning loss following a cyberattack ranged from three days to three weeks, and recovery time ranged from two to nine months. Schools are not only relying on tech for teaching but are given personal information about students that are vulnerable to attacks.
School Drive Cybersecurity Must be Updated
The government needs to establish a collaborative mechanism, such as an applicable coordinating council, to manage cybersecurity efforts between agencies and the K-12 community. Although the number of students affected by attacks has decreased between 2020 and 2021, it is still a drastic difference between 2018 and 2021, namely when education first migrated to online schooling in height of the pandemic.
A leading cybersecurity research company says that the education sector is enduring double the number of weekly cyber-attacks compared to the other industries’ average. This sector had an average of almost 2,000 attacks per organization every week.
Other statistics of note:
- 56 percent of K-12 schools and 64 percent of higher education institutions reported a breach in 2021.
- 27 percent of schools think their data is inadequately protected.
- 42 percent of schools have students or staff that circumvent cybersecurity protections
- $265 is the average price of an educational record on the dark web vs. $5 for a credit card number.
These are all crucial areas that often are missed in cybersecurity. Most schools and the IT departments that manage their security are simply ill-prepared for some of the threats that are currently out there, so simply having a plan in place often goes a long way towards mitigation.
Reach out to Access Tech today to learn more about how we can help you with resources and strategies to maintain your data’s security.