By Mark Scott, CEO Cantium Business Solutions
The last eighteen months have been particularly challenging for the education sector. It’s clear that the shift to remote learning has left many schools feeling vulnerable and unprepared to protect themselves against cybercriminals. Despite this, there is a backlog when it comes to addressing this rapidly emerging challenge. There are many reasons for this, but one challenge I see most often is the perception challenge. If this problem is not recognized by leadership, staff, and students, then, for all intents and purposes, it does not exist. Here’s why that has to change.
Schools are key targets for cybercrime
During times of national crisis, opportunities for cyber attackers are plentiful. Confusion and a rapidly changing way of learning contributed to vulnerabilities in a system that was already facing challenges, financial or otherwise.
We recently conducted a survey of over 500 decision makers in education. It revealed that two-thirds (66 per cent) of UK schools surveyed say they have experienced a cyber attack in the last 18 months. Amid anecdotal evidence that cybercrime in education has been on the rise for some time, that is concerning. Furthermore, only 35 percent of our respondents strongly believed that they were well prepared to protect their school against malicious activity in the future.
The stats match what we hear on the vine. Naturally, schools are key targets due to the sensitive nature of the data they hold about students, staff, and parents. They are also quite complex as systems, making it difficult to pin down the source of an attack quickly and effectively without the correct measures in place.
Cyber attacks can have a devastating impact, with many schools requiring a significant amount of recovery time to restore critical services and protect data at risk. This, as I have seen especially in the last two years, means that these incidents can attract media attention and attract negative perceptions from parents of children whose data may have been compromised. The effects of an attack extend far beyond the hardware and software that has been breached.
Is cybercrime a lower priority?
We know that those effects, mentioned above, occur. It has been shown over the past eighteen months that the risk of ignoring such a large-scale problem is too great a risk. Not only that, but recent world events have undoubtedly increased the risk level of cyber attacks even further. Despite this, we know that a good proportion of schools are unable or unwilling to place cybersecurity as a high priority. To me, that shows that there are barriers to strong cyber protection that need to be overcome. For decision makers in education, a big part of this is changing perceptions internally. This has to happen before you start advocating changing long-standing practices or buying new solutions to bolster your defenses.
Having all staff members on board is vital, especially when your challenge is one of perception. Not only that, but students should also be educated on how to keep their information safe, especially at school.
This month alone, eight institutions were honored by the CyberFirst Schools initiative, led by the National Cyber Security Center (NCSC), for their work in educating their students in the essential elements of cyber security in the classroom. This shows that ambition certainly exists for schools in some parts of the country. We need to scale it nationally.
The narrative that cyber security is an IT team issue needs to change: We know that many decision makers feel the need to protect their institutions’ data, but work must be done to win the hearts and minds of the faculty in general, extending downwards. to the students they teach. Despite increased exposure to cyber attacks, our survey showed that 46% of schools believe the cyber threat will not increase further by 2022.
We haven’t seen any evidence that the rise in cyberattacks is going to go away anytime soon. Covid has already placed great demands on the education sector and having a cyber attack, losing access to key files and data, or not being able to teach is a situation that no one wants. It cannot fall on the priority list.
Future-proof cyber infrastructure in education
As I look to the future of cyber investment in education, there is no doubt in my mind that educators should see it as a priority. If the barrier is a perception barrier, then the work begins there. The most lasting changes you can make will be the ones that get everyone on board, not just the changes that make the best financial sense.
As the threat landscape evolves and schools continue to embrace digital technologies, it is important to invest in cybersecurity measures, education, and expertise that can help protect against malicious activity. Cybersecurity doesn’t just lie with the IT department, it’s a mindset and level of awareness that helps prevent cyberattacks and protect staff and students.
Recommend0 recommendationsPublished in