Managing the Heightened Risk of Cyber Attacks in Schools

Atturra - 4 min read

Schools are increasingly relying on technology to streamline their administrative operations. This reliance is bringing heightened risk of hackers and cyber criminals to undertake ransomware and phishing attacks, as they recognise student administration platforms are rich sources of personal data. Protecting the integrity of systems and avoiding damaging data breaches should be considered one of the highest priorities for schools. Those that fail in this area may find themselves subject to regulatory action.

Cyber Risks Schools Should Plan For

Cyber risk should be considered a key component of overall school risk evaluations. The types of risk are numerous and varied and can significantly damage the school’s ‘business as usual’, productivity and can cause significant reputational damage. The risks

  • Traditional malware: malicious software and viruses
  • Phishing attacks: cybercriminals send deceptive emails or messages to students, teachers, or staff to trick them into revealing sensitive information
  • Ransomware: software that encrypts school data, making it inaccessible until a ransom is paid
  • Distributed Denial of Service (DDoS): attackers flood the school's network or website with traffic, causing it to become inaccessible
  • Social engineering: attackers manipulate individuals into revealing confidential information or performing actions that compromise security
  • Insider threats: malicious or negligent actions by school employees or students, such as data theft or sharing sensitive information
  • Internet of Things (IoT) Vulnerabilities: insecure IoT devices in schools, such as smartboards or security cameras
  • Vendor/third-party risk: trust of third-party services or software used by the school, such as learning management systems and/or other cloud providers.

ICT Security Tools for Managing Risk

Good internal ICT security tools and management are essential and should include:

  • complete and current community user policies
  • industry standard firewalling
  • effective endpoint application/antivirus software
  • email and internet filters
  • strong password regime (length and complexity)
  • multi-factor authentication (MFA)
  • secure Wi-Fi access and segmented/virtual local area networks (LANS)
  • strict file authority management direction (personal, staff and community)
  • granular access controls to network resources (dictated by school HR and implemented by IT support)
  • rigorous backup regime (including different media and cloud components)
  • disaster recovery (DR) processes are in place and tested in case a worst-case
  • scenario occurs. This procedure should include a nominated 3 rd party security partner.

Training and Monitoring is Key to Reducing Risk

All of these measures will only be effective if cyber awareness from staff, students and parents is strong, as most cyber breaches are initiated by negligent internal users. Schools should actively train their communities in this area, including running internal simulation tests (e.g. email phishing tests). Cyber security is everyone’s responsibility, not just the ICT department.

External security audits such as Penetration Tests can give a school a valuable point-in- time evaluation of immediate threats. Ongoing monitoring systems like Security Information and Event Management systems (SIEMs) are increasingly being considered by schools. These systems can proactively detect attempted infiltration and take initial mitigation steps.

Even if a school chooses to ignore the risk, external auditors increasingly require school boards to take out insurance to cover the cost of a breach. So, schools are going to pay one way or another. Those institutions looking to reduce risk, along with insurance costs, are looking to industry-level security standards/frameworks, benchmarks, tools, and vendors with both industry and technology expertise. Evaluations of Essential Eight, National Institute of Standards and Technology (NIST), or ISO 2700 are good places to start to understand the requirements.

How Atturra can Help

Atturra has many years of experience working within the education sector, with both industry and technology experts who can help with managing a school’s cybersecurity posture. Our security services that support schools continue to grow with the recent announcements of our partnership with MyCISO to underpin our managed security program. More details are in this article.

If you’d like to talk to one of our experts, please send an email to our K-12 Practice Lead
Brett Auton at

You might also like