As quoted in:
Zaino, Jennifer. “The Cybersecurity Threats That Keep K–12 CIOs Up at Night.” EdTech: Focus on K-12. 23 October 2019.
“Based on anecdotal information, I would not be surprised if more incidents than the 712 reported [and counting…] actually occurred,” says Douglas Levin, president and founder of EdTech Strategies. “What’s most concerning is that schools don’t just get caught up in online scams by happenstance because criminals are trying to hit everyone, but that they are being specifically targeted.”
Levin advises that schools don’t try to sweep an incident under the rug. He’s seen one California school district drop the announcement of a massive breach, which had occurred in the fall, the Friday evening before a winter break. This only led to parents being up in arms about being kept in the dark, and the national news media descended on the scene.
An event like that shows it’s critical to have a plan covering how to respond to an attack before one occurs, and the entire administration — from the top down — has to be involved in creating it.
IT leaders should support each other by sharing information about events that occur at their schools with other school district IT leaders. “We’ve seen very clearly that when an attack is successful against one school district, it gets repeated against other school districts,” Levin says.