K-12 Schools Hit by Multiple Security Events Yearly

Wednesday, March 23, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

Panda Security has released a study which reveals that sixty-three percent of schools K-12 currently experience multiple data security events every year.

The report indicates that forty-five percent of K-12 schools suffered network downtime from malware outbreaks between two and five times per year, while another thirteen percent are impacted between six and ten times per year, and six percent experience more than ten incidents in the same period.

Lack of financial resources and trained security professionals in key positions in the nation's primary and secondary education system make schools an attractive target for cyber attacks.

Compounding the problem is the fact that the inherent weakness in schools network defenses results in an increase in the amount of time and resources dedicated to incident response, with more than half tasking malware removal on a daily or weekly basis.

“While the Internet is an invaluable tool for education, it can cause serious interruptions to day-to-day operations if schools fail to properly address security concerns. The findings of the Kindergarten-12 Education IT Security Study point to a clear need for a security solution that effectively balances cost, time management and superior protection," said Rick Carlson, president of Panda Security US.

image

Panda Security is a vendor, so it is natural that their conclusions would point to managed security solutions as a remedy.

That said, given that public school funding is a challenge, it does make sense that they look to managed services as an economical alternative to implementing security measures in a piecemeal fashion.

The Panda Security report recommends the following:

  • Invest in cloud-based security. Central threat databases in the cloud enable instantaneous protection from threats as they are identified. Consider adopting a cloud-based security solution to enable instantaneous protection from the latest malware and other threats.
  • Require registration of outside devices. With the growing popularity of mobile devices such as iPhones, iPads and other tablet computers, and the ubiquity of laptops, it is important to deploy the same security measures as on-premise network machines.
  • Let technology do the leg work. According to the study, 30 percent of school IT administrators are spending more than 10 hours a month monitoring network activities to detect high risk behavior. Managed security services provide centralized management consoles that drastically decrease the time spent hunting for risks and implement proactive prevention measures, such as limiting access to high-risk websites and alerting administrators of malware attacks across a network.
  • Monitor social media access. With people spending more time on social media, it is no surprise it has also become a favorite tool among cybercriminals. Schools should consider a tiered access model to limit time spent on social media sites, reducing the advantages provided to cybercriminals to exploit vulnerabilities.
  • Institute security awareness education programs. Staff members and students are the last line of defense against cyber threats, so it’s important to keep school populations aware of the most common tactics employed to exploit users.
Source:  http://press.pandasecurity.com/news/panda-security-study-reveals-63-percent-of-schools-plagued-by-it-security-breaches-at-least-twice-a-year/
Possibly Related Articles:
8305
Breaches
Budgets malware Managed Services Headlines Network Security Education K-12 schools
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.