Ten Ways to Reduce the Risk of a Cyberattack on Your School

Ten Ways to Reduce the Risk of a Cyberattack on Your School
Ten Ways to Reduce the Risk of a Cyberattack on Your School

Business and Operations

Cyberattacks are expected to occur every 11 seconds in 2021—and unfortunately, K–12 schools are increasingly at risk, thanks to distance learning. Some of the biggest threats are ransomware and funds transfer fraud. Threats commonly occur via the entry point of email, also known as "business email compromise."

Knowing how to reduce your risk for a cyberattack must be a top priority. Lower your risk for a cyberattack and keep your school safe with these 10 tips.

Tip #1—Deploy Multifactor Authentication

Since students and teachers probably log in on networks outside the school, it's a good idea to verify their identity regardless of the network. Multifactor authentication is a way to verify user identity (often via email or text) to log in.

Tip #2—Verify Wire Transfers

Funds transfer fraud is on the rise. In this scam, employees are tricked into logging into fake bank sites or installing software to gather information. These mistakes can allow third parties to access your school's bank credentials—making it easy for a fraudster to transfer funds.

Require your staff to verify vendors requesting money.

Tip #3—Conduct Routine Backups

It may sound like a no-brainer, but regularly backing up information can safeguard it—and offer insights into resolving any cyberattack. Your Information Technology (IT) personnel should monitor your school network and any equipment students and staff use at home.

Tip #4—Encourage Proper Password Management

Encourage users to create strong passwords and use a password manager. This can significantly lower the risk that a cybercriminal can access multiple platforms.

Tip #5—Update User Systems

Personal devices running on outdated versions of operating systems present an entry point for cyberattackers. For instance, ensure you upgrade from Windows 7 to Windows 10 or to Catalina for Mac users.

Tip #6—Identify Protections

Ensure firewalls are correctly configured and secure on routers and computers. Schools should have a content filter to protect students from inappropriate content, as per the Children's Internet Protection Act (CIPA).

Tip #7—Store Data Safely

Ensure the school community's data is private and in compliance with the Family Educational Rights and Privacy Act (FERPA). Schools have commonly moved to Cloud operating systems for data storage. The front line of defense for any Cloud system and to keep data secure is through encryption—methods utilizing complex algorithms to conceal protected information.

Tip #8—Create Policies

A surefire way to have a consistent protective system is to create policies and enforce them. Include these policies in your student and staff handbooks, which are acknowledged and signed each year.


Tune in to ask questions related to this Source article or other topics you've encountered lately.

Visit our NEW Community and start posting.

Tip #9—Pay Attention to Equipment

If you let students take school-owned devices home, ensure those units comply with all policies. Educate students about the rules governing device use and consider protecting equipment so others at home cannot log into your system.

Tip #10—Provide Education

Once you devise cybersafety policies for the school, it's vital to educate students and staff on what's expected, why safeguards are in place, and what they should do if they see anything suspicious. Consider sharing the FBI's Safety Online Surfing Program with your students and families.

Find your school's vulnerabilities—cyberattacks are on the rise

Protect your students and your school with ISM Insurance!

Cyberattacks can happen at any time to any school—including email phishing, ransomware, denial of service attacks, data breaches, social engineering, wire fraud, and technology failures. Discover how to protect your school from cyberrisk and minimize the impact it can have on your operations. Partner with ISM and the best insurance carriers to protect your school from cyberattacks.

To learn more, email insurance@isminc.com or call 302-656-4944.


Upcoming Events

6/22/2021 — 6/24/2021


Strategic Financial Planning: A Comprehensive Approach

Status: Open


7/20/2021 — 7/22/2021


Virtual Advancement Summit

Status: Open


More Events

  • workshop 6/21/2021 — 6/25/2021

    Chairing Your Department: The First Five Years

  • workshop 6/28/2021 — 6/30/2021

    Mastering Enrollment Management in a Post-COVID-19 World

  • workshop 7/12/2021 — 7/15/2021

    High-Performing Teams: Managing Up, Down, and Sideways