Think about all the birthdates, addresses, Social Security numbers, and other sensitive information about staff, students, and parents your schools are trusted to protect. If budget shortfalls have left your cyber defenses lagging, you’re not alone—and cybercriminals are cashing in:
Growing losses have created a difficult cybersecurity insurance market at a time when more districts are seeking coverage. If your organization is a Fund member with Privacy and Information Security coverage, follow these four best practices to defend against cybercrime and prepare for your next renewal.
1. Comply with state requirements
School cybersecurity has been a hot-button topic during recent Texas legislative sessions. High-profile legislation requires schools to:
- Adopt a cybersecurity plan.
- Appoint a cybersecurity coordinator who serves as a liaison between the district and the Texas Education Agency.
- Report incidents that meet data breach criteria under the law.
- Provide cybersecurity training to certain employees and board members.
2. Implement multifactor authentication (MFA)
MFA may sound complicated, but simply put, it means requiring employees to enter more than their password to access a system. Examples include codes sent to cell phones or secondary email addresses, passcode-generating devices, fingerprints, and facial scanners.
Going through two steps to verify your identity can feel tedious, and many organizations experience initial pushback from their employees. But MFA can go a long way toward protecting your network and your sensitive information.
There are a variety of low-cost MFA solutions. If your organization uses Office365, implementing MFA is free and easy to configure.
If you aren’t using MFA, talk to your IT department about which options might work best for your network.
3. Apply patches and update your technology
As hackers uncover vulnerabilities, cybersecurity threats evolve. In the first half of 2021 alone, more than 12,500 new vulnerabilities were discovered.
New vulnerabilities promptly become public knowledge. Criminals race to exploit them as developers rush to slam the virtual door and keep the bad guys out.
As soon as developers release security patches and updates, it’s up to your organization to apply them to your systems:
- Some organizations install patches and updates manually to confirm they’re working as expected.
- Others automate the process with a server that scans for new updates and patches, and then installs them.
- Critical security patches should be installed immediately. Antivirus updates should run at least weekly, and other software patches and updates can run monthly or according to the patch release cycle.
Whichever option your organization chooses, it’s important to make patches and updates a priority.
4. Back your data up
Ransomware attacks often leave organizations without access to their most important files, and in some cases, all their files. Ransomware is popular because hackers know how highly you value your data. When faced with losing everything or paying a ransom, districts often choose to pay.
If you pay hackers, you might motivate them to continue attacking. You could even encourage other hacking groups to target your organization. Fortunately, giving in doesn’t have to be your only option.
Want a deeper dive into data backups? Set aside 60 minutes to watch our on-demand webinar, titled "Don't Let Criminals Hijack Your Network.
How often should you run backups?
Cybersecurity professionals promote data backups, which are partial or full copies of an organization’s systems, as a best practice for defending against cybercrime. If your systems are infected with ransomware, you can simply roll to a previous backup:
- Some organizations take daily or weekly snapshots of their network environment.
- Others run partial backups periodically throughout the day.
- Networks and systems vary. Consult your technology team to determine the right size, frequency, and location of your backups.
A 2020 study by Sophos found that among organizations impacted by ransomware, twice as many were able to retrieve their data with backups rather than paying a ransom, and the cost of the disruption was less than half what it was to those who paid up.
Why you should store your backups offsite
Recent ransomware variants are programmed to look for onsite (located in your local network) backups and lock or destroy them. To protect backups from ransomware attacks, many organizations and security leaders recommend storing your backups at an offsite location. If that’s not an option, disconnect them or power them down after backups run.
39 seconds is all it takes
A cyberattack happens every 39 seconds. The frequency of attacks, along with their rapidly rising costs, is creating a challenging cyber coverage market.
Most insurance carriers are tightening their underwriting guidelines, limiting or declining coverage, and increasing premiums. They’re also asking questions about how customers are guarding against attacks.
Launching a cybersecurity program that accounts for the spectrum of risk your schools face can seem overwhelming. These four best practices can go a long way toward protecting your data and showing insurance carriers you’re serious about cybersecurity:
- Comply with state cybersecurity requirements.
- Allow software patches to run.
- Implement multifactor authentication.
- Back up your data.
About the author
Lucas Anderson brings 15 years’ experience to his role as TASB Privacy and Cyber Risk Consultant. Lucas advises Fund members on defending against cybercrime and navigating the cybersecurity regulatory landscape. Members benefit from Lucas’ training services at no additional cost.