Every two weeks, Keeping K-12 Cybersecure–the newsletter of the K-12 Cybersecurity Resource Center–curates the best cybersecurity and privacy news for K-12 policymakers, administrators, IT professionals, and privacy advocates. The latest edition (“Infinite Campus DDoSed, Chegg Breached“) provides information on recent updates to the K-12 Cyber Incident Map, other additions to the Resource Center, and curated news you can use.
Here’s your reading list for articles published during the last two weeks of September 2018:
- The International Association of Privacy Professionals (IAPP) delves into the issue of student data privacy with this thoughtful post by Amanda O’Keefe (“Why we need a broader conversation about ed-tech privacy,” September 28, IAPP).
- This discussion of a recent data breach by the educational technology company Chegg (“Investors Should Buy The Data Breach Dip In Education Platform Chegg Stock,” September 28, InvestorPlace) points to why we can’t have nice things that respect student privacy and security for schools.
- How much does it cost a school district to recover from a ransomware attack? The Cloquet (MN) School District recently spent $15,000 to satisfy its insurance deductible in doing so. No accounting for lost instructional and administrative time, however.
- U.S. News and World Report offers advice on “How to Keep Your Child’s Credit Safe” (September 24). Among their advice: Hold your child’s school accountable.
- A $300,000 settlement has been reached in a class action lawsuit brought by school district employees of the School District of Manatee County (FL), who fell victim to a widely reported W-2 phishing scheme targeting school districts in January 2017 (“Manatee County, Florida School District Employee Data Breach Settlement,” September 21, Top Class Actions).
- Schools buy internet-connected security cameras for reasons of school safety. However, what you may not know is that whatever safety benefits they may provide, they too often also introduce new threats. Case in point: “Zero day in popular video surveillance technology goes public, unpatched (September 17, CyberScoop),” which profiles school vendor NUUO.
- The U.S. Government Accountability Office (GAO) takes the U.S. Department of Education’s Office of Federal Student Aid to task for oversight of ‘non-school partners’ practices in protecting student privacy. Read more: “Cybersecurity: Office of Federal Student Aid Should Take Additional Steps to Oversee Non-School Partners’ Protection of Borrower Information” (September 17).
Be sure to check out the full newsletter and sign-up to ensure you get all the latest news direct to your inbox. And, as always, please contact us with any feedback, tips, or suggestions.