Cybersecurity attacks have reached alarming proportions, with 160% more data breaches recorded from 2020 to 2021.
New Jersey’s school districts are not immune. Many have become targets of ransomware, a type of malicious software that locks up critical computer files until the victim pays a hefty ransom, according to a press release.
In response, the Educational Services Commission of New Jersey (ESCNJ) is helping school districts improve their defenses against cyberattacks. It is part of the specialized school district’s professional consulting services to school districts and local governments from its main campus in Piscataway, according to the press release.
“Our new program, the ESCNJ Cybersecurity Framework, combines written policies with security awareness training and technology tools to help school administrators enhance their cybersecurity strategies,” ESCNJ Schools Superintendent Mark Finkelstein said.
“We created this framework in consultation with insurance companies, state officials and industry experts to provide a cost-effective response to the growing cybersecurity threat,” he said.
Kevin Dellicker, a consultant with Dellicker Strategies, has been working with ESCNJ to develop the framework. He said cyberattacks are happening more frequently and with more expensive consequences to public entities.
“Protecting digital information requires a culture change in the K-12 community,” Dellicker said. “Effective cybersecurity requires a district-wide response. Technical fixes alone are no longer enough.”
ESCNJ provides services and solutions related to cybersecurity through its cooperative purchasing program. School districts and other government entities can hire consultants to run vulnerability scans and penetration tests, establish incident response plans and implement data defense solutions, according to the press release.
There is no one-size-fits-all solution, but most school districts often need to implement the same strategies to protect data, according to the press release.
“Every school district should have a written plan for information security,” Finkelstein said. “The ESCNJ Cybersecurity Framework guides school districts and ensures they are using proven and tested methodologies to keep information secure.”
Insurance companies are also fighting back against cyberattacks with more directives to policy holders. For example, the companies are requiring school districts to have multi factor authentication, endpoint detection and response, documented staff training and a system backup, Dellicker said.
The ESCNJ Cybersecurity Framework helps school districts meet these upgraded cybersecurity protections that must be in place by June 30, 2022 for most cyber liability insurance renewals. Timing is of the essence; just meeting the minimum requirements typically takes three to six months to complete, according to the press release.
“This framework is our latest service offering through the co-op, as we continue to adjust and respond to the pressing needs of school districts,” Finkelstein said. “Cyberattacks are only going to grow in frequency and, together, we must be protected.”
To learn more, visit escnj.us