Connect with us

Uncategorized

How to Prepare Your School for a Cyberattack with Limited Resources — THE Journal

Published

on

Improving Cybersecurity

How to Prepare Your School for a Cyberattack with Limited Resources

With cyberattacks against K–12 schools across the United States making headlines every week, it isn’t exactly “news” that since the pandemic forced remote and digital learning to the forefront, schools are now a primary target for threat actors.

What’s perhaps surprising is how many attacks are targeting schools every hour of every day: In the last 30 days alone, for example, Microsoft has detected over 3.5 million malicious “encounters” by its devices within education organizations in the United States, according to its Global Threat Activity website.

Ransomware is increasingly targeting K–12 schools, and although many district IT budgets are growing — a Consortium of School Networks survey of K–12 IT professionals found that 56% of respondents had bigger budgets for the 2021-22 school year — cybersecurity remains the “biggest unmet technology need” by a large margin, CoSN said.

The Multi-Million-Dollar Risk Factor

The need for consistent protection and preparation is more urgent than ever, with even Congress and the White House weighing in last fall with the K–12 Cybersecurity Act of 2021 that instructed the federal Cybersecurity Infrastructure and Security Agency to assess risk factors at the K–12 level by this spring, then produce recommendations for schools and, eventually, a “toolkit” for districts to shore up their security practices.

Meanwhile, IT and cybersecurity organizations serving public schools are offering numerous guides and assessment tools — many of them free — to K–12 districts ready to tighten network security sooner than later.

Mike Woodward, cyber threat intelligence analyst at the nonprofit Center for Internet Security, said ransomware attacks against public K–12 schools in the U.S. are “continuously reported” to his organization’s Multi-State Information Sharing & Analysis Center, or MS-ISAC. Last year, 51 districts reported disruptions from ransomware attacks, he said, and every ransomware incident costs the impacted district millions of dollars.

In fact, the total district cost for recovering from a ransomware attack averaged $2.7 million in 2020, the highest across all sectors, according to a Sophos survey of 499 education IT professionals conducted in early 2021.

To make matters worse, ransomware is becoming more sophisticated, said Woodward at CIS.

“There are certain ransomware variants that appear to specifically target K-12 school districts,” he told THEjournal last week. “For example, the Grief ransomware variant was identified in six ransomware attacks against public K-12 school districts. Many ransomware attacks begin with a threat actor exploiting an internet-facing service or vulnerability (e.g. RDP/VPN, vulnerable server) or through a phishing email containing first stage malware.”

Schools Don’t Need to Reinvent the Cybersecurity Wheel

The K–12 IT environment can be overwhelming and short on resources even without a pandemic-driven burst in remote learning and the notable spike in cyber threats targeting schools, noted the CoSN survey of school IT managers.

“In a situation where even well-funded corporations in the private sector struggle to address cybersecurity issues, poorly funded districts are at a disadvantage,” the report summary states. “One respondent called the need for more cybersecurity funding as ‘desperate.’ Another respondent’s comment addressed the inequities inherent in funding cybersecurity at the local level: ‘Cybersecurity needs to be provided as a minimum blanket coverage for schools. Minimum coverage should be considered at a state level so all districts start with an equitable security standard.’”

CoSN’s chief cybersecurity advisor, Amy McLaughlin, helps school districts identify and deploy the security elements they need to secure their infrastructure and school networks as much as possible with limited resources.

“In the world of cybersecurity, there really isn’t any reason to reinvent the wheel; there are some very good frameworks available to districts that make best IT security practices easy to follow,” McLaughlin told THEjournal last week.

A few of those are publicly funded and free, such as the National Institute of Standards in Technology 800-53 Risk Management Framework, but “at 700-plus pages of detail, it can be overwhelming,” she said.

For that reason, McLaughlin said she frequently recommends district IT professionals and administrators to start with the Center for Information Security’s Top 18 Critical Security Controls guide as the best place to start a check-up or upgrade to network protections. The Top 18 is easier to digest and easier to explain to district decision-makers, who absolutely must be invested in cybersecurity efforts, she emphasized.

“I recommend that schools focus on the first five to seven items on this Top 18 list,” McLaughlin said. “The first five or six will take you a very long way in securing your organization’s networks.”

Source link

Uncategorized

Promethean Adds Digital Whiteboard App Explain Everything to its Portfolio — THE Journal

Published

on

Mergers & Acquisitions

Promethean Adds Digital Whiteboard App Explain Everything to its Portfolio

ActivPanel interactive display maker Promethean has acquired the digital whiteboard platform Explain Everything, which allows users to create lessons, activities, and interactive presentations on any mobile device and whose team and assets will be “merged” with Promethean’s, according to a news release.

Terms of the deal were not disclosed.

Explain Everything, based in Poland, launched in 2010; its app has been downloaded 200 million times in 237 countries and won the Apple Trends of 2020 Award for Leading the Classroom.

On its website, Explain Everything announced the news and told users they would not be affected by the change in ownership. “You will continue to enjoy full access to our app, as well as to all of your projects and materials,” the company said. “We won’t change the pricing model, either. The free version of Explain Everything will remain free with all of the same great features.”

The Explain Everything statement said software developments efforts already under way will continue, and merging with Promethean means they will “be able to achieve crucial milestones faster, so expect some cutting-edge solutions and superior interactive experiences to come to the app as soon as 2023.”

The Explain Everything Whiteboard app integration with Promethean interactive panels is in the works, the companies said: “This powerful solution will enhance engagement in the classroom by giving teachers the possibility to work both on mobile devices and panels simultaneously.”

Learn more at PrometheanWorld.com or ExplainEverything.com.

Source link

Continue Reading

Uncategorized

Navigate360 Adds PBIS Rewards to Its Student Wellness, Safety Solutions Portfolio — THE Journal

Published

on

Mergers & Acquisitions

Navigate360 Adds PBIS Rewards to Its Student Wellness, Safety Solutions Portfolio

Student wellness and physical safety company Navigate360 has announced its acquisition of SaaS platform PBIS Rewards to round out its K–12 programs focusing on safer school environments and strengthening academic performance through positive behavior reinforcement, interventions, and other measures.

Navigate360’s Mental Health and Awareness, Threat Detection and Prevention, and Safety and Management and Preparedness suites are now paired with the Positive Behavior Interventions and Supports (PBIS) Rewards program to foster a “whole child” safety framework, the company said in a news release. The combined program addresses school climate and culture, full-cycle emergency management, early detection, and assessment and violence prevention.

PBIS Rewards is a digital management system that replaces paper tickets and tokens. Available on smartphones and laptops, it simplifies the administration of “rewards points” for positive behaviors as identified by the school district. Students can use them to “purchase” tangible and privilege rewards such as homework passes, jeans day coupons, iPad time, admissions to events, and more.

The system also allows for workplace rewards for teachers that result in recognition and perks. Learn more about how PBIS Rewards works on its website.

Source link

Continue Reading

Uncategorized

Centegix Partners with Ident-A-Kid to Extend Security Capabilities with iVisitor Management Software — THE Journal

Published

on

Campus Safety

Centegix Partners with Ident-A-Kid to Extend Security Capabilities with iVisitor Management Software

Centegix has announced a partnership with Ident-A-Kid to extend the abilities of K–12 schools’ safety and security systems, using Ident-A-Kid’s iVisitor Management (IVM) software.

Centegix’s CrisisAlert system does not rely on WiFi or cell phones but is activated by a wearable panic-alert badge that every administrator, teacher and staff member wears. In an emergency, pushing the badge button gives precise alert location, immediate audio, and visual incident notifications (including lighted strobes, screen messages, and intercom integration) to put the campus in lockdown and instantly notify administrators and responders.

Ident-A-Kid’s IVM software can manage and track all school traffic, including staff, student tardiness, and visitors, who scan their driver’s licenses or other acceptable ID. The software reads the barcode information on the license and conducts and returns data searches on custody issues, sex offenders, and other banned persons across 42 states. Information can also be entered manually.

With these two systems paired, K–12 schools will be able to “provide instantaneous alerts to on-site resources including SROs (School Resource Officers) and campus administrators that alleviate the burdens on educators and staff when faced with critical safety issues,” said Brent Cobb, CEO of Centegix.

Rick Hagan, CEO of Ident-A-Kid, added, “Together we can add control measures on school campuses and reduce the risks that have become increasingly prevalent in the past several years.”

Learn more at the Centegix home page and the Ident-A-Kid home page.

Source link

Continue Reading

Trending

URGENT: CYBER SECURITY UPDATE