Last month, I met with a variety of experts in the field of cyber safety and security. They represented different companies, K12 and higher education spaces and offered a variety of perspectives on the many challenges when it comes to protecting our sensitive data in education. Here are links to the full episodes if you’d like to learn more:
Unlocking Cyber Security #1 w/Stefanie Dunn, Chris Irwin & Fabio Zampieri
Unlocking Cyber Security #2 w/Chris Stegh & Dr. Joe Phillips
Education is a target
Like it or not, education is one of the top targets when it comes to cyber crime, particularly ransomware. According to a recent Sophos report, the rate of ransomware attacks in education has steadily increased to nearly 80% of reporting institutions claiming they’ve been victim of a potential cyber attack. With the rise of AI and spoofing software, this will continue to increase. That said, as our experts shared, there are some ways to avoid becoming a cyber criminals next victim.
Tip #1 – Multi-Factor Authentication (MFA)
The number one phrase shared by all experts on the panels was “MFA”. Years ago, this was an option for schools to help be safer, but today, it should no longer be optional. One of the challenges from doing multi-factor with everyone is the need for a secondary device to authenticate. Some staff might not want to use their personal phones and some students (like in elementary) won’t have access to a second device. That said, having this set-up for the adults in the buildings is the first layer in being cyber secure.
Tip #2 – Single Sign-On Account Provisioning
Having a single sign-on (SSO) portal or method is also an affective way of reducing the amount of log-ins and data in third party apps. In addition to this, having automated account provisioning and de-provisioning helps make sure that staff and students can have access to necessary systems quickly. A key to having a successful automated system means “clean” data entry as part of the onboarding process and clearly defined roles and rights within various systems.
Tip #3 – Allocating Resources for 24/7 Support
When I started teaching there were a few desktops running CD-ROM software and some basic internet. Yes, this was at the turn of the century. Today, we have so many more applications to manage as well as an increased reliability on these tools for learning. As learning is extended beyond the classroom walls, so must the support. However, most schools lack the funds to have personnel on hand for 24/7 support. Utilizing 3rd party companies like ForsyteIT, districts that can’t afford extra staff can lean on these companies to help cover support and be an extra set of eyes on their network.
Tip #4 – Prioritize Cyber Security in Education
As I mentioned in tip #3 – we have increased the necessity of support for all our systems. Part of that support is making sure all our systems are cyber secure. However, high quality cyber security is dependent on everyone within the organization. From the superintendent to every student, cyber security needs to be a part of the education process. From the classroom to the board room, consistent training and education around cyber security will help avoid some of the larger phishing attacks. It has to be more than just “the job of the IT department” to keep our data (and district) safe.
Tip #5 – The Importance of End Point Detection
Even with better staff training and 24/7 support for when systems go down, you need to also have a system in place for end-point detection and response. With the complexity of cyber attacks increasing, utilizing a tool like Microsoft Defender XDR is becoming more and more of a necessity to keep a network safe. While we can’t always anticipate what attack is coming and from where, the AI built into these newer detection platforms help us at least stay even with those cyber criminals out there to some extent.
Tip #6 – Have a Crisis-Response Plan in Place
With cyber attacks, “it’s not a matter of if, but when” it happens according to Fabio Zampieri from Sierra College. Having a crisis-response plan in place will help you get through the attack faster with less down time. As our systems become more and more reliant on the network, an attack that takes down your infrastructure means more than just the loss of instructional time. An effective cyber attack will take out your phones, your HR and business office systems, your badging and security systems and more. Knowing and practicing for an attack before it happens can make your response go from days to hours.
Tip #7 – Be Adaptable and Stay Connected
With the massive influx of AI tools in our classrooms, we have potentially introduced some more points of vulnerability. However, with some of the tips listed here, that vulnerability can be minimized. The future is constantly changing and the complexity of the attacks (now also using AI) will be more challenging going forward. Keeping abreast of the latest in cyber security and attacks while also being adaptable will be key for any CTO or Tech director going forward. These jobs can be isolating in nature, but having a trusted network of others in the same industry can help keep our systems up and running with little to no downtime. Ironically, staying connected with others will help keep us connected online.

Great tips for educators looking to enhance cyber safety! From multi-factor authentication to creating a solid response plan, these insights are essential for protecting sensitive information. It’s a reminder that proactive security measures are key in today’s digital classrooms.
Check out this plugin as well:
https://aiologin.com/