Doug Levin and the State of K-12 Cybersecurity
In 2017, Doug Levin of EdTech Strategies launched the K-12 Cyber Incident Map. The comprehensive map details known cyber incidents that happen across the country at different educational institutions. But Doug’s research hasn’t stopped there.
Backed by partners and donors, Doug releases a state-of-the-union-esque yearly report on cybersecurity. PC Matic has happily been a sponsor of his research for several years. Doug notes, “the multi-year support of PC Matic has been instrumental in conducting this research and heightening awareness of this critical issue. It is much appreciated!“
The report is in-depth and looks not only at the attacks that happened but the conditions as to why. Last year, in particular, the added challenge of remote learning and the pandemic led to numbers unseen in previous years.
Levin notes that there are a variety of cyber incidents including data breaches, phishing attempts, denial of services, ransomware attacks, and “other” which include unattributed malware, video conferencing and email invasions (remember Zoom-bombing?) among others. The highest category of incidents seen in the past year was in the “other” category that dominated 45% of the cyber incidents in 2020.
COVID-19 was a looming factor on cyber incidents last year, understandably with the shift in learning environment. While Levin notes that quarter one was on par with data seen in 2019, around 49 incidents, quarter two saw a rise to 67 incidents. However, the real jump came in the last two quarters with 160 and 132 incidents respectively. Levin notes that these were likely cause by the exploitation of vulnerabilities surround the return to campuses in the fall as well as the time around winter holidays.
One interesting piece of information to note is that wealthier, larger, and suburban school districts reported more cyber incidents than their counterparts. He doesn’t offer a guess as to why, but notes that the repercussions can be significant.
An example was the data breach at a school in Toledo, Oh in September of 2020. The cybercriminals dumped the data on their site after becoming unhappy with the district’s response. By February of 2021, parents began receiving reports of identity theft and fraudulent credit for the affected students.
Factoring in the added challenges alongside socioeconomic and geographic challenges, the information presented gives an all encompassing picture. After an extensive look at how and why, recommendations are then posed for moving forward. The report ends on a positive note with how to strengthen security in the K-12 sector.
The importance of the work being done by Doug and the K-12 Cybersecurity Resource Center is undeniable. Research, data, and the information surrounding it can help us understand how these cyber incidents are happening. This, in turn, gives us more understanding in how to stop them.
It’s also important for students, parents, faculty, and administrators to understand these vulnerabilities. As we can see in the case of the school in Toledo, cybersecurity incidents can have long term effects on real people. The research done here can help keep those real people safer. And PC Matic is proud to be one of the sponsors of this research.
To read the full report, click here.
1,089 total views, 1 views today