Cybersecurity continues to be the No.1 technology concern for district technology leaders as schools have become much bigger targets for cyberattacks.
There have been 1,619 publicly disclosed cyberattacks on schools between 2016 and 2022, according to K12 Security Information Exchange, a nonprofit focused on helping schools prevent cyberattacks.
These incidents can cause major disruptions to teaching and learning and to administrative functions in a district. The attacks can also put sensitive data about students and employees at risk. In some cases, school districts have had to shut down schools for several days.
Given those consequences, it鈥檚 imperative for district leaders to understand why they need to make cybersecurity a priority.
In a Jan. 8 webinar hosted by the Consortium for School Networking and AASA, the School Superintendents Association, three superintendents shared their best practices for preventing and responding to cyberattacks. They are Peter Aiken of the Central York district in Pennsylvania, Gustavo Balderas of the Beaverton district in Oregon, and Mark Benigni of the Meriden district in Connecticut.
Here are their tips:
Develop a prevention and response plan
The three superintendents underscored the importance of having a plan that will help prevent or discourage cyberattacks, as well as a plan to respond to cyberattacks because they can happen to any district. (In fact, they all said their districts have been hit with some form of cyberattack).
When it comes to preventing attacks, the panelists said providing 鈥渃ontinuous鈥 cybersecurity training for students and staff is 鈥渃ritical.鈥 Everyone who uses district technology should be trained on having good online habits so that they don鈥檛 click on the wrong links, fall for phishing attacks, or accidentally give out sensitive information that hackers can use to attack a district鈥檚 network.
For staff, these trainings could be part of the annual training requirements that most districts have, Benigni said. They could also be part of the onboarding process for new staff members. For students, digital citizenship and online safety training could also be required.
A response plan should include how leaders are to notify the school or district community, as well as law-enforcement agencies, Benigni said.
It should also include mitigation and recovery strategies. For instance, when the Meriden school district had a few devices that were hit by a ransomware virus, Benigni said his district was prepared because they back up their devices regularly. They restored the devices from the latest cloud backup instead of paying the ransom.
Districts should have backup plans to ensure learning isn鈥檛 disrupted when technology is disabled because of a cyberattack, as well. Teachers should be 鈥減repared to go old school鈥 and make sure students are still learning, Balderas said.
Communicate the 鈥榳hy鈥 behind the plans
The three superintendents identified communication as being just as important as having a prevention and response plan. Part of the cybersecurity training for staff and students should include communicating why it鈥檚 important that a district secures its networks.
鈥淚 think the more available we can make ourselves and communicate the rhyme and reason, the why behind [the district鈥檚 cybersecurity practices],鈥 the more likely people will buy into them, Aiken said.
How a district leader reacts and communicates with the community鈥攕tudents, staff, parents, local media鈥攁fter a cyberattack is also critical because it could affect the district鈥檚 credibility and reputation, Balderas said.
鈥淢ake sure you react quickly with all the information you can share and be very resolved in terms of what you鈥檙e going to do to deter [attacks] in the future,鈥 he said.
District leaders across the country should make it a priority to share best practices with one another, too, the panelists said.
鈥淚 think it鈥檚 important we learn from one another because most school systems are not going to have their own cybersecurity division to take action on these issues,鈥 Benigni said.
