For decades, tragedies on school campuses have incited fear and trepidation for students and their families while administrators, law enforcement, politicians, vendors and activists have sought solutions to harden schools, to make them more secure. Today, the worry goes far beyond physical security. Districts across the country should now learn from the unfortunate mishaps of others and implement robust cybersecurity plans and protections.
The impacts of not doing so expose districts to a tremendous amount of risk, with the potential for student and employee personally identifiable information to land in the hands of nefarious actors. The financial and reputational damage is a tough pill to swallow.
In the absence of a plan that is routinely practiced and enhanced, the fallout can be crippling. Similar to safety and crisis plans developed for other scenarios relating to physical security, it is imperative to develop a cybersecurity plan in partnership with information technology experts, law enforcement and legal partners.
In the wake of a data breach in a parent in a rural Indiana school district told CBS News, “I don’t have any faith that they know who is actually compromised. From where I sit, they’re not looking out for my children’s best interests.”
While leaders in your school system could remain complacent and cross our fingers that a similar reaction wouldn’t fall to your school system, we believe that’s a recipe for disaster. Rather than sit on the sidelines and wishfully wait, we invite you to download this FREE (linked below) resource developed by the K12 National Advisory Council on Cybersecurity (NAAC).
CEO & President Lesley Bruinton participated in a working group led by Project Tomorrow’s Dr. Julie Evans to create NAAC’s “A Roadmap to Develop a K-12 Districtwide Cybersecurity Ecosystem.” For districts looking for additional resources, check out this ready-made table top toolkit developed by the federal government’s Cybersecurity and Infrastructure Agency.
As a district and school leader, we encourage you to review the roadmap and toolkit provided here as an initial step in your journey. It’s time to jumpstart the engines and proactively address and constantly assess risk in cyberspace. Here are a few questions to get the wheels moving:
- Where do you begin to recover student PII and employee financial data?
- What happens to your school operations if data is compromised?
- Are business practices sustainable, and if so, for how long, without access to network-dependent processes?
- How will you communicate with your employees? Families? Students?
- Is there a culture of accountability and adherence to current cybersecurity practices?
- When systems fail, what redundancies are in place to ensure communication is not disrupted?
Ultimately, it’s important to pick up the ball and get moving. Not sure where to start? Your School Spirit PR team is here to help coach your leadership team through this journey. Book a Huddle today to learn how we can help.
