Cyber Security

 "Cybersecurity 101: How to Stay Safe Online"

Public schools handle a massive amount of sensitive data, including student records, staff information, and financial details. Without proper cybersecurity, they are vulnerable to attacks that can disrupt learning, compromise privacy, and lead to financial losses. Frazier and Hearrington (2024) state, " Schools can do a variety of things to provide the necessary security to protect themselves and prevent future problems" (p. 158). The Rediness and Emergency Management for Schools Technical Assistance Center (rems.ed.gov) Cybersecurity Considerations for K-12 Schools and School Districts publication identifies several actions that can be taken to prepare for such incidents. This list includes: 

• Develop and promote policies

• Store data 

• Create firewalls and list individuals with access to data

• Implement effective and constant network monitoring (Frazier and Hearrington, 2024)

• Schools store personal information (names, addresses, grades, medical records, etc). 

• Cybercriminals target this data for identity theft and fraud.

• Ransomware attacks can shut down entire school systems, halting online learning.

• Phishing attacks can compromise teacher and student accounts, disrupting education. 

3. Compliance with Privacy Laws 

• Schools must comply with laws like FERPA (Family Educational Rights and Privacy Act) to protect student data.

• Failure to secure data can lead to legal consequences.

4. Stopping Cyberbullying and Online Threats 

• Without proper security, students can be exposed to cyberbullying, inappropriate content, and online predators.

• Monitoring and filtering tools help protect students from harmful online activity. 

5. Financial and Reputational Damage 

• A data breach can lead to financial loss due to lawsuits, fines, and ransom demands.

• Loss of trust among parents, students, and staff can affect the school's reputation. 

The video below shows school leaders discussing cyber security as a "top priority," and it also includes a parent's experience. 

Key reasons why cybersecurity is essential in schools: 

1. Protection of students and Staff Data 

2. Preventing Disruptions to Learning 

Frazier and Hearrington (2024) state, "The Cybersecurity and Infrastructure Security Agency (CISA) is charged with leading the federal government's efforts to protect threats and collaborate with partners to create a more secure infrastructure for the future (P. 158). "Implementing safe cybersecurity best practices is important for individuals as well as organizations of all sizes (CISA, n,d,). Using strong passwords, updating your software, thinking before you click suspicious links, and turning on multi-factor authentication are the basics of what we call "cyber hygiene" and will drastically improve your online safety" (CISA, n.d.). 

Technology coordinators play a key role in securing a school's digital environment. The following below are essential cybersecurity measures they should:

• Implement firewalls
• Conduct regular security audits and risk assessments to identify potential weaknesses and address them promptly.
• Ensure strong password policies are in place, requiring complex passwords and regular changes. Consider implementing multi-factor authentication for added security.
• Provide ongoing cybersecurity training and awareness programs for staff and students to recognize and respond to threats such as phishing and social engineering attacks. 
• Establish a clear incident response plan to quickly address and mitigate any security breaches or cyber incidents that occur. 
• Back up important data regularly and ensure backups are stored securely, enabling quick recovery in case of data loss due to cyberattacks.
• By prioritizing these measures, schools can create a safer digital environment that supports effective learning and protects the privacy and security of all stakeholders involved. 

The CISA toolkit link is to several other links for educators, students, and parents. tinyurl.com/2ubehp6w offers a collection of free resources and tools to provide assistance, exercises, and free training (Frazier and Hearrington, 2024). 

District leaders can set an important example by emphasizing the importance of appropriate cybersecurity and working with staff to improve culture and practice (Frazier and Hearrington, 2024).  Implementing cybersecurity measures is not just a technical necessity but a critical investment in the integrity and future of public school systems. Schools must recognize the importance of safeguarding their digital infrastructure to ensure students' safe and conducive learning environment and peace of mind for parents and staff. By fostering a culture of cybersecurity awareness and resilience, schools can not only prevent potential threats but also empower their communities with the knowledge and tools needed to navigate the digital world safely. 

References 

Cybersecurity and Infrastructure Security Agency. (n.d.). Cybersecurity best practices. CISA. https://www.cisa.gov/topics/cybersecurity-best-practices

Frazier, M., & Hearrington, D. (2024). The technology coordinator’s handbook: A guide for EdTech facilitators and leaders (4th ed.).

Wurtz, B. (2017, May 10). History of the entire world, I guess [Video]. YouTube. https://youtu.be/rB8CihN7mvw