"Cybersecurity 101: How to Stay Safe Online"
Public schools handle a massive amount of sensitive data, including student records, staff information, and financial details. Without proper cybersecurity, they are vulnerable to attacks that can disrupt learning, compromise privacy, and lead to financial losses. Frazier and Hearrington (2024) state, " Schools can do a variety of things to provide the necessary security to protect themselves and prevent future problems" (p. 158). The Rediness and Emergency Management for Schools Technical Assistance Center (rems.ed.gov) Cybersecurity Considerations for K-12 Schools and School Districts publication identifies several actions that can be taken to prepare for such incidents. This list includes:
- Develop and promote policies
- Store data
- Create firewalls and list individuals with access to data
- Implement effective and constant network monitoring (Frazier and Hearrington, 2024)
- Schools store personal information (names, addresses, grades, medical records, etc).
- Cybercriminals target this data for identity theft and fraud.
- Ransomware attacks can shut down entire school systems, halting online learning.
- Phishing attacks can compromise teacher and student accounts, disrupting education.
- Schools must comply with laws like FERPA (Family Educational Rights and Privacy Act) to protect student data.
- Failure to secure data can lead to legal consequences.
- Without proper security, students can be exposed to cyberbullying, inappropriate content, and online predators.
- Monitoring and filtering tools help protect students from harmful online activity.
- A data breach can lead to financial loss due to lawsuits, fines, and ransom demands.
- Loss of trust among parents, students, and staff can affect the school's reputation.
Key reasons why cybersecurity is essential in schools:
1. Protection of students and Staff Data
2. Preventing Disruptions to Learning
Frazier and Hearrington (2024) state, "The Cybersecurity and Infrastructure Security Agency (CISA) is charged with leading the federal government's efforts to protect threats and collaborate with partners to create a more secure infrastructure for the future (P. 158). "Implementing safe cybersecurity best practices is important for individuals as well as organizations of all sizes (CISA, n,d,). Using strong passwords, updating your software, thinking before you click suspicious links, and turning on multi-factor authentication are the basics of what we call "cyber hygiene" and will drastically improve your online safety" (CISA, n.d.).
Technology coordinators play a key role in securing a school's digital environment. The following below are essential cybersecurity measures they should:
- Implement firewalls
- Conduct regular security audits and risk assessments to identify potential weaknesses and address them promptly.
- Ensure strong password policies are in place, requiring complex passwords and regular changes. Consider implementing multi-factor authentication for added security.
- Provide ongoing cybersecurity training and awareness programs for staff and students to recognize and respond to threats such as phishing and social engineering attacks.
- Establish a clear incident response plan to quickly address and mitigate any security breaches or cyber incidents that occur.
- Back up important data regularly and ensure backups are stored securely, enabling quick recovery in case of data loss due to cyberattacks.
- By prioritizing these measures, schools can create a safer digital environment that supports effective learning and protects the privacy and security of all stakeholders involved.
The CISA toolkit link is to several other links for educators, students, and parents. tinyurl.com/2ubehp6w offers a collection of free resources and tools to provide assistance, exercises, and free training (Frazier and Hearrington, 2024).
District leaders can set an important example by emphasizing the importance of appropriate cybersecurity and working with staff to improve culture and practice (Frazier and Hearrington, 2024). Implementing cybersecurity measures is not just a technical necessity but a critical investment in the integrity and future of public school systems. Schools must recognize the importance of safeguarding their digital infrastructure to ensure students' safe and conducive learning environment and peace of mind for parents and staff. By fostering a culture of cybersecurity awareness and resilience, schools can not only prevent potential threats but also empower their communities with the knowledge and tools needed to navigate the digital world safely.
References
Cybersecurity and Infrastructure Security Agency. (n.d.). Cybersecurity best practices. CISA. https://www.cisa.gov/topics/cybersecurity-best-practices
Frazier, M., & Hearrington, D. (2024). The technology coordinator’s handbook: A guide for EdTech facilitators and leaders (4th ed.).
Wurtz, B. (2017, May 10). History of the entire world, I guess [Video]. YouTube. https://youtu.be/rB8CihN7mvw
I love that your blog highlights the critical importance of cybersecurity in schools, stating the need for proactive measures to protect sensitive data and ensure a secure learning environment. As Frazier and Hearrington (2024) note, schools must implement comprehensive strategies to prevent disruptions, safeguard personal information, and comply with privacy laws like FERPA. I agree that cybersecurity efforts and trainings are essential not just for preventing breaches but also for maintaining trust among students, staff, and parents. By adopting practices such as data encryption, regular security audits, and strong password policies, schools can reduce vulnerabilities to attacks like ransomware and phishing. I know for my system- we must change our passwords much more often and are encouraged to create passwords PHRASES. Furthermore, I like how your blog emphasizes the role of technology coordinators in fostering cybersecurity awareness and creating a culture of vigilance. I do think that ultimately, investing in cybersecurity is not merely a technical necessity; it’s a fundamental step in ensuring the safety, privacy, and continued success of students and staff in the digital age. Great blog with some very important information!
ReplyDeleteTech leaders have a huge responsibility to ensure the safety of students and staff online. According to Frazier and Hearrington (2024), this is a complex and changing area that requires tech leader expertise in things like physical security, device tracking, data privacy, and user training and responsibility. You mentioned fostering a culture of cybersecurity awareness and resilience, and I think that is so important. Providing cybersecurity training programs for teachers and parents is important to ensure they have the skills needed to effectively teach concepts to students and monitor their online behavior (Arishi et al., 2024).
ReplyDelete-Tanishia Smith
References
Arishi, A. A., Kamarudin, N. H., Abu Bakar, K. A., Shukur, Z. B., & Hasan, M. K. (2024). Cybersecurity awareness in schools: A systematic review of practices, challenges, and target audiences. International Journal of Advanced Computer Science and Applications, 15(12). https://doi.org/10.14569/IJACSA.2024.0151249
Frazier, M., & Hearrington, D. (2024). The technology coordinator’s handbook (4th ed.). International Society for Technology in Education.