This blog is the last in a series about improving data security in schools.

When learning moved from the classroom to the dining room, schools scrambled to ensure students had the tools they needed. A study conducted by FutureSource Consulting found that the number of computing devices shipped to educational institutions in 2020 is expected to be 27% higher than the year before, with 18 million devices shipped, compared with 14 million in 2018 and 2019. With this comes a need to be extra vigilant about digital security threats to schools.

Remote classrooms and hybrid schooling have highlighted the need for improving internet connections in rural areas and providing internet connections to poor children. And while schools may have the latest computers, their IT infrastructure may be failing and old. This can lead to security threats to schools, students and staff.

Types of Risks to School Computers

For any group, data is its most important asset. Schools are no different. In fact, the value of data in K-12 schools may be higher because young people’s data is not monitored as closely as it is for adults.

Education is also one of the hardest-hit industries for malware attacks, according to EdTech, with “61% of nearly 7.7 million enterprise malware encounters reported” in one month coming from schools.

The threat of ransomware attacks looms large in schools, as well. A school district in Connecticut was forced to postpone its first day of school due to a ransomware attack that crippled the district’s entire system. It wasn’t the only school to be affected this way. Experts say digital security threats to schools will rise at the holidays, as well, when everyone is on break and aren’t using the school networks.

The Big Picture Matters to Security Threats to Schools

Strict budgets may limit what schools can do. Decision-makers have needs that may not include security. Many schools have applied for special grants or partnerships to acquire the number of devices they need, more so during this unusual time.

School decision-makers, who lack tech and security savvy, may think that because the school already has an IT infrastructure and the devices are new, all is well. What they don’t realize is by not improving the infrastructure, the school is at risk for a data breach or other cyber incident. That could end up costing the district millions in fines and repairs.

A few areas where schools fail at security include:

  • No one is in charge of watching out for digital security threats to schools. Many districts are already making staffing cuts for lack of a budget, so a chief information security officer may seem like a luxury.
  • Legacy systems. The new tablets and netbooks given to students may have the latest operating systems, but what about other computers used throughout the school? Older computers often have old operating systems that their brands no longer support. Also, many schools use outdated educational software suites. You may think that since you already paid for the license and the software still works, it’s easy to keep using it. But, again, these cannot be patched and, therefore, may open networks to security threats to schools.
  • The internet itself. Old buildings create dead spots for WiFi. The school may have a lot of Internet of things (IoT) devices like cameras slowing it down. Some systems are resource hogs, and not all their functions may be needed.
  • Bring Your Own Device. Students and staff are using their own devices and their own internet to connect to the school network. If the district doesn’t have a security policy, there is no oversight to ensure those devices and connections are safe.

How to Lower Risks of Cyberattacks

Awareness is the best defense against digital security threats to schools. It isn’t just security awareness training that explains the need for best practices, like multifactor authentication and giving routers a unique name and password. Leadership must also learn the importance of an updated infrastructure, why legacy systems must be replaced and how to effectively handle all their internet traffic.

Budgets are tight, and who knows what the next year will bring for in-person learning. But if children are precious to us (and they are!), schools must make a better effort to protect them during online learning.

More from Cloud Security

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Cloud threat report: Possible trend in cloud credential “oversaturation”

3 min read - For years now, the dark web has built and maintained its own evolving economy, supported by the acquisition and sales of stolen data, user login credentials and business IP. But much like any market today, the dark web economy is subject to supply and demand.A recent X-Force Cloud Threat Landscape Report has shed light on this fact, revealing a new trend in the average prices for stolen cloud access credentials. Since 2022, there has been a steady decrease in market…

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today