Security

4 Ways K–12 Tech Teams Can Share Responsibility for Cybersecurity

School technology departments need everyone’s help in putting a stop to cybercrime.

Tyler Derickson is the cybersecurity and systems administrator for Arbor Park School District 145 in Oak Forest, Ill. At just 20 years old, he applies his dedication and passion for cybersecurity to keep data and systems safe from bad actors.

Cybercriminals are relentless in their efforts to gain access to as many organizations’ critical infrastructure systems or precious, confidential data as possible. This is especially true for the education sector, where school district data is essentially low-hanging fruit that can be sold on the dark web.

Everyone has an important role in playing defense against cybercriminals. To help protect their school networks, K–12 district board members, superintendents, administrators and staff need to be adequately informed of the cyberthreats and consequences schools face. Here’s how district IT leaders and staff can help schools make cybersecurity a shared responsibility.

Click the banner to explore additional data security resources from CDW.

k12-cam-static-2021-shieldstudents-desktop

k12-cam-static-2021-shieldstudents-mobile

1. Routinely Attend Board Meetings and Provide Concise Updates

As an IT leader, one of the primary ways to convey how important evolving cyberthreats are to your K–12 district is to attend school board meetings and provide concise, jargon-free cybersecurity updates.

This ensures that board members are adequately informed and can make knowledgeable decisions regarding cybersecurity budgets, purchases, resources and policies that best suit your district’s initiatives and needs.

By including cybersecurity discussions as a school board agenda item, school leaders demonstrate their commitment to protecting the privacy and security of their staff and students.

2. Be Transparent with Your School Administrative Team

Creating a culture of cybersecurity awareness in your district means being transparent with your administrative team, including principals, special education directors and curriculum directors, among others. School IT leaders have a responsibility to vet applications to ensure compliance with federal student privacy laws.

Therefore, it’s crucial to communicate your cybersecurity initiatives and upcoming changes. If you are planning security upgrades over holiday breaks and anticipate network outages, be sure to give your admin team a heads up. They will appreciate your transparency.

LEARN MORE: Strategic communication with school leadership supports tech investments.

3. Ensure Staff Training Underscores the Dangers of Cyberattacks

Cybersecurity awareness training is one of the most essential tools you can include in your cybersecurity plans. Many ransomware attacks stem from phishing and social engineering, and it is imperative to equip your staff with the knowledge and ability to defend against these. You can also note that what they learn from the training sessions can be applied in their personal lives as well.

4. Emphasize Preventive Measures Instead of Reacting to Disruption

Administrators, educators and staff are not the only ones who should remain vigilant. It is also important for the IT department to focus on implementing preventive measures. Do you separate administrative accounts from user accounts? Do you enforce multifactor authentication? Do you regularly audit and clean up Active Directory? How secure are your third-party vendors?

Asking these questions internally to improve the cybersecurity posture in your district will also reap rewards when it’s time to renew your cybersecurity insurance.

UP NEXT: How can schools fund third-party risk management?

zoranm/Getty Images