SafeGuard Cyber | First Watch Podcasts

Frosty Walker: Ransomware & K12 Security | SafeGuard Cyber

Written by SafeGuard Cyber Team | Oct 26, 2020 4:00:00 AM

The global pandemic has made 2020 the year of remote learning, resulting in schools embracing digitalization. This has introduced major new challenges for K–12 cybersecurity teams.

 
  

K-12 Cybersecurity and the Challenges of Remote Learning

Schools around the U.S. have faced cyberattacks that halted remote learning. This year alone, ransomware attacks disrupting school systems has been a near daily occurrence (as if teachers and IT teams didn't have enough to worry about with just trying to get online learning to work). These cyber attacks have resulted in interrupted learning, student data breaches, and postponed classes. 
For insights and ideas about solutions, we reached out to K-12 expert Frosty Walker, former CISO of the Texas Education Agency, and now CEO at ATX Cybersecurity Strategies in Austin. In the podcast interview, we dug into budget needs for online learning security, and what's necessary to help defend schools, students, and staff.

The Challenges of Online Learning

One way to ensure distance learning cybersecurity is to strengthen internal systems and infrastructure. But there are other challenges that school administrators face.
“We have very limited resources we're taking away from. And people are already wearing multiple hats, trying to keep that organized and keep track of those assets.”
“The first concern we have,” Frosty explained, “is primarily making sure that the students have devices for all learning. And we have a constant turnover of those devices. We have students that leave or go to another school and we have limited staff. So we have to wipe, sanitize those devices, and then redeploy them again. So we have very limited resources we're taking away from. And people are already wearing multiple hats, trying to keep that organized and keep track of those assets.”
Thousands of users are using cloud-based applications such as Zoom, Google Meet, Google Classroom, and Microsoft Teams. The K-12 Cybersecurity Resource Center reported 202 publicly disclosed K-12 cyber incidents in 2020, and 56 incidents in one month as schools return for the 2020-21 academic year. 
Most school systems don’t have SOC teams. School staff and IT teams must adapt to protect both staff and students.
Using the cloud at home means teachers, students, and even administrators are unknowingly bringing malware back into the district environment. Unfortunately, most school systems don’t have SOC teams. Frosty believes school staff and IT teams must adapt to protect both staff and students.

Frosty’s K-12 Cybersecurity Recommendations

“Cybersecurity is not like a weekend getaway. It is a journey.”
Being a former CISO at the Texas Education Agency, Frosty would update on a quarterly basis using the Texas Cybersecurity Framework, in line with certain NIST standards and elements. This framework was used for agencies and higher education. Frosty recommends a similar quarterly framework for all remote learning systems. 
“Cybersecurity is not like a weekend getaway. It is a journey. Did we change any policies? Have we added procedures? Have we updated procedures that would improve our security posture in these areas?” These are the questions teams need to be asking, Frosty explains.
“You need to have cybersecurity policies that ensure your users understand how and what appropriate usage is.”
“You need to have an inventory of your software, and an inventory of where your sensitive information is located. What applications are those in? You need to have cybersecurity policies that ensure your users understand how and what appropriate usage is.”
Once schools have developed a framework, it is important to identify the risks, then develop a mitigation plan. “In many cases, schools just don't understand where their risks really are located,” he said. “Your board of directors need to understand that their systems could potentially contain some of the most valuable information that we have today.”
“A 15-minute course can go a long way in improving your security posture.”
Frosty mentioned security awareness training certified by a state agency as a starting point: “A 15-minute course can go a long way in improving your security posture. Use some type of framework that helps you identify where your risks are. Then prioritize those risks so that you can budget for them over a long period of time. And that's a continuous process because new risks are discovered every day.”

The Increasing Challenges of K-12 Cybersecurity

Student information potentially has the highest market value on the black market.
K-12 school administrators and IT leaders should work together to address vulnerabilities and exposure of students’ sensitive personal data. Just last month, Microsoft reported over 5.9 million malware incidents across the education industry. According to Frosty, student information potentially has the highest market value on the black market as per an FBI report.
“We get by this hurdle, and maybe we can begin to focus back on threats so that they can have a better security posture in the long-term.”
To ensure the security of digital technology in K-12 education, institutions need to continue to move in the direction of robust and up-to-date K-12 cybersecurity. A proactive stance and immediate response can produce powerful results. 
“I'm always glad to see schools making improvements. Schools are really struggling with online; it’s a brand-new challenge, but they've really stepped up to that challenge,” exclaimed Frosty. “They didn't have a choice but to step up to that challenge. We get by this hurdle, and maybe we can begin to focus back on threats so that they can have a better security posture in the long-term.” 
You can listen to the podcast episode here , and is also available on Stitcher, Apple, and Spotify. The Zero Hour Podcast is the intersection of information security and business innovation. Learn from industry experts in cybersecurity, marketing, and business management. We talk about the challenges and opportunities that come with new technology. 
Also, see how Safeguard Cyber’s digital risk protection platform discovers, protects, and mitigates cyberattacks. Reach out for a demo here.