The rate of cyberattacks are on the rise, and schools are not excluded from the target list. According to a 2021 report, schools had 408 publicly disclosed attacks last year—that’s up from 348 in 2019. As we emerge from the COVID-19 pandemic, schools need to ensure they can keep ahead of the ever-evolving threats.
Having general security protections in place is imperative. But attacks can occur even with preventive measures in place.
Responding to a cyberattack promptly is crucial. Educate your teachers, faculty, and staff about what to do should an attack occur. Your Information Technology (IT) team may not be the first to discover the attack, and a delayed response can cause significant damage.
School Cyberattacks: What’s Next?
We often talk about preventing an attack, but what happens if your school falls victim? Consider the following five steps. (But be mindful that this is general advice. Consult with your IT professionals to create an action plan.)
Step 1—Disconnect and Notify
Shut down your internet connection—ethernet cables, WiFi, Bluetooth, and cellular data—as soon as you notice a problem. If your IT isn’t aware of the attack, notify them immediately.
In the meantime, if you are savvy with technology, you can disable remote access, install pending security updates, and change passwords.
Step 2— Delete Nothing
Refrain from deleting data, apps, or programs. Keeping data intact—including backup data—can be critical to investigating the situation.
Step 3—Define the Issue
Understanding how (and where) the attack happened will support you in preventing it in the future. Work with your IT team to determine which server or data may be affected. When explaining the situation, be as specific as possible, identifying websites visited, emails opened, or documents downloaded. Determine if data has been stolen or shared publicly.
Step 4—Report It
Notify your cybersecurity insurance provider as soon as possible. Timing is critical when it comes to cyberattacks, especially if funds have been stolen. Immediate notification can increase the probability of recovering any lost funds and protect your school from a public relations disaster.
Tune in to ask questions related to this Source article or other topics you've encountered lately.
Visit our NEW Community and start posting.
Step 5—Plan a Response
Depending on what happened, your school may have to share information about the attack with families or the community. Once you assess the situation, determine any legal issues, and then collaborate with your legal, public relations, and communications team to discuss a public response. Having a response in place will allow you to share a report of the situation without delay—leading to a positive outcome from an otherwise negative situation.
