This article was originally published in THE Journal on 2.9.23 by Charlie Sander, CEO, ManagedMethods
Three Post-Cyberattack Do’s and Don’ts for School Leaders
As is the case for so many multimillion-dollar organizations that collect sensitive data, K–12 schools are prime targets for hackers. According to Comparitech, at least 60 school districts and 26 universities suffered ransomware attacks in 2021.
Cyberattacks can leave significant recovery costs in the aftermath. For example, Baltimore Public Schools spent over $8 million on recovery after being attacked in 2019.
The costs go far beyond any ransom demands, however: public anxiety over potentially compromised data security, feelings of privacy invasion, and unfavorable public impressions of the district or its leadership, just to name a few of those hard-to-quantify impacts. Another common result of a cyber incident is school closure and short- and long-term operational disruptions. Schools in the United States shut down for an average of seven days after a cyberattack in 2021.
So how does your district recover as smoothly and efficiently as possible after a cyberattack? What steps should be required — or avoided — to minimize an incident’s negative impacts and costly disruptions? Following are some tips to avoid making a cyber incident even more costly, for district leaders, risk management planners, and IT practitioners: What to expect and some do’s and don’ts to move forward with as little damage as possible…