This marked the second This is when the federal Cybersecurity and Infrastructure Security Agency (CISA) convened the National K-12 School Safety and Security Summit, and the event came just months after the federal agencies announcement a national effort to increase public information and support around the school cyber security.
Schools and school districts hold a wealth of sensitive information, from employee financial information to student mental health records. At the same time, schools, like much of government, are struggling with legacy technologies as well as limited staffing, training and/or budgets for cybersecurity, said Terry Loftus, CIO and assistant superintendent from the San Diego County Office of Education, during the summit. .
Hackers and cyber insurers are both increasingly aware of the mismatch between the high value of school districts’ data and their generally limited resources. Hackers carry out frequent attacks, while insurers raise prices and tighten restrictions.
“In elementary and secondary schools, cyber incidents are so prevalent that there is on average more than one incident per school day,” CISA Director Jen Easterly said at the summit.
The problem is also global: in 2022, malware attacks targeting K-12 organizations worldwide increased 323% year over year, and ransomware attacks against schools grades K-12 increased by 827%, according to one cybersecurity company. Sonic wall.
Public entities are particularly likely to face frequent attacks and have attackers penetrate defenses, Loftus said. In light of this, cyber insurers are increasing policy renewal rates, refusing to take out new cyber policies, or requiring policyholders to follow more cyber checks.
“Did you know that the insurance company can deny payment of a claim due to old, outdated, or unpatched software? » said Loftus. Cyber insurers are increasingly emphasizing multi-factor authentication (MFA), endpoint detection and response (EDR), software lifecycle management and cyber training programs, he said .
These measures can all be useful, both to attract insurers and to reduce risks. For the many schools facing limited cyber resources, free offerings can help ease the burden.
The Center for Internet Security (CIS) provides a free cybersecurity self-assessment and its CIS Critical Security Controls provide a prioritized set of cybersecurity best practices and protections. It also offers free cybersecurity services, such as blocking and reporting malicious domains (MDBR). CISA also offers online resources for conduct tabletop exercises and earlier this year published a K-12 cybersecurity toolkit and report. LPCC announcement in August, it would provide individualized support to 300 new K-12 entities.
But hackers aren’t the only risk facing schools in an increasingly connected world. Speakers at the summit also addressed the implications of heavy social media use on young people. Mental Health — a problem that has recently stimulated dozens of states to sue social media giant Meta.
The American Academy of Pediatrics recently spear the Center of Excellence on Social Media and Youth Mental Health to provide information and promote best practice around healthy social media use.
Center co-directors Megan Moreno and Jenny Radesky compared teaching children to use social media safely to teaching them to swim or drive — activities in which children initially benefit from a lot of guidance and monitoring, until they have developed the skills and understanding necessary to manage it. Children’s relationships with social media will also change over time, depending on their age and stage of development.
It is impossible for parents to fully monitor or control their children’s online activities, Radesky This is noted, but parents can focus on listening and fostering trust, which could encourage their children to talk to them about upsetting experiences.
Educators and parents should also keep in mind that children turn to social media for different reasons, not all of which merit the same type of response.
“To support young people’s mental health, we need to ask what’s going on in that child’s mind,” Radesky said.
The center recently surveyed young people ages 11 to 17 who spent hours on the phone during an average school day. Many said they were communicating with friends – a normal activity at this age. Some teens, meanwhile, were drawn to their phones by frequent notifications, while others said they turned to their phones to calm down or distract themselves when they felt overwhelmed, Radesky said.
Knowing children’s motivations can help schools that want to reduce the distraction caused by phones. Teachers can ask students to set their phones to “Do Not Disturb” or turn off unnecessary notifications during class. Radesky also recommended encouraging kids to think about their habits, including asking them to think about what made them turn to their phone and whether it helped them or simply distracted or distressed them.