Cybersecurity Threats Are Evolving: How Schools Can Stay Ahead
By Matt Komac, Assistant Director of PC Pool Operations
The cybersecurity landscape for schools is shifting rapidly, and threats are becoming more aggressive and harder to detect. While traditional risks such as ransomware attacks, phishing schemes, and business email compromise (BEC) remain prevalent, school districts now face a new era of threats driven by artificial intelligence (AI).
AI-powered tools enable attackers to craft convincing phishing emails, impersonate staff using deepfake audio or video, and automate network intrusions. These capabilities can be deployed at scale with minimal effort, making even small rural schools viable targets. The stakes are high: sensitive student records, financial information, and operational continuity are all at risk. A single incident can lead to costly disruptions, legal liability, reputational damage, and erosion of public trust.
Actions to Minimize Your Risk
1. Require Multi-Factor Authentication (MFA)
Implement MFA for all staff email accounts, payroll and accounting systems, student information systems, and remote access tools. This remains the single most effective defense against account compromise.
2. Train Staff on Phishing Awareness and AI Threats
Provide regular training on evolving phishing tactics, including those enhanced by AI. Promote a culture of "pause and verify" where staff double-check unusual requests involving credentials, wire transfers, or confidential information.
As an MSGIA member, you now have access to eight newly released cybersecurity courses through Vector Safe Schools at no cost. The courses include:
| Course Title | Duration | Course Title | Duration |
|---|---|---|---|
| Creating a Cybersecurity Culture | 29 min | Security Awareness Essentials | 20 min |
| Safeguarding Against Social Engineering | 12 min | Social Engineering | 14 min |
| Incident Preparedness & Management | 20 min | End-User Best Practices | 20 min |
| Classifying & Safeguarding Data | 20 min | Laws & Global Compliance Standards | 33 min |
3. Implement and Maintain Endpoint Protection
Ensure antivirus and endpoint detection software is active and up to date on all school-owned devices, including desktops, laptops, tablets, and mobile phones. Disable unused accounts or services to reduce access points for potential threats.
4. Enforce Role-Based Access
Grant users only the minimum data and system access required for their roles. This principle of 'least privilege' significantly reduces the potential impact of compromised accounts.
5. Maintain Secure, Offline Backups
Store regular backups of critical data in offline or air-gapped systems. Backups should be encrypted, tested regularly for restoration capability, and kept separate from the production network.
6. Review and Test Your Incident Response Plan
Ensure your incident response plan is current, practical, and rehearsed. Clearly identify key personnel responsibilities, escalation paths, and communication protocols. Regular testing reveals gaps before an actual incident occurs.
7. Review Record Retention Policies and Eliminate Unneeded PII
Regularly review your district's record retention policy to ensure you are not retaining personally identifiable information (PII) longer than necessary. Deleting outdated or unnecessary records, especially student or personnel files, reduces potential harm in the event of a breach.
Please review these recommendations with your IT department and contact MSGIA if you have any questions.