Fault in Our Staff. Education Organization Cybersecurity
Education Cybersecurity Weekly is a curated weekly news overview for those who are concerned about the Education industry. It provides brief summaries and links to articles and news across a spectrum of cybersecurity and technology topics that are specific to the industry.If we were students of the College of Science at the California State Polytechnic University, we also would be nonplussed reading such academic advice email. A school district in the U.S. becomes a victim of cybercrime almost every three days.
Human error caused data exposure at the California State Polytechnic University
EdScoop on February 8, 2019
If we were students of the College of Science at the California State Polytechnic University, we also would be nonplussed reading such academic advice email.
The incident happened on January 28 – the wayward email, revealing the personal data of nearly 4,500 students, was sent to the 940 computer science majors at the university. The exposed data included the name, ethnicity, email address, school ID, academic standing, and GPA of each College of Science student.
University spokesperson Tim Lynch emphasized that data disclosure was a mistake by a university employee. Actually, the consequences of this human error could have been much worth, unless a computer science student, received the email, had informed the IT department about it.
Although the email has since been deleted, it is impossible to determine how many people downloaded or copied the information. Affected students were notified the next day after the data exposure.
K-12 cybersecurity incidents report – statistics to think about
EdSurge on February 7, 2019
This report conclusion confirms our predictions about the increase of cybersecurity incidents in education organizations. A school district in the U.S. becomes a victim of cybercrime almost every three days.
According to the “The State of K-12 Cybersecurity: 2018 Year in Review” study, in 2018 public K-12 education organizations faced 122 known cybersecurity incidents, ranging from phishing scams to ransomware attacks. The author of the report noted that it is only the tip of the iceberg as many districts preferred not to make those incidents public.
What is interesting, suburban, rural and urban districts were similarly vulnerable, the number of students also did not matter. However, the schools with a higher population of students living in poverty were less affected.
One plausible hypothesis is that wealthier school communities may be relying on more technology than other district types and hence are exposed to greater risks.
Doug Levin, author of “The State of K-12 Cybersecurity: 2018 Year in Review”
«The things that pick you up at night»
EdTech Magazine on February 6, 2019
Well, the following news logically continues the previous one. Have you already guessed the topic?
Yeah, privacy in education may keep up at night not only IT teams of the education organizations but also staff, faculty, students and, what is more significant, their parents, who want to be sure that the districts are able to secure the sensitive information of their children.
At the TCEA event, educators and IT leaders highlighted several recommendations to strengthen education cybersecurity:
- Establish a structured, role-based system for data access.
- Remember that commercial use of data is a red flag for parents and advocates.
- Human error is still the major risk, especially in terms of phishing threats.
- Ensure your students set the correct privacy settings on social media to avoid oversharing.
The NCSC launched cybersecurity degree apprenticeships
Education Technology on February 7, 2019
Do you know that the UK takes the second place in the education insecurity, following the USA? However, it is one of the most active countries, developing the cybersecurity field and encouraging both companies and government institutions to improve their data protection.
Recently the National Cyber Security Centre (NCSC) expanded its professional certification and included cybersecurity degree apprenticeships in the UK. The NCSC has already certified nearly thirty degrees. The global aim of the Centre is to set the standard for cybersecurity higher education organizations in the UK.
Not only will these certified degrees provide a benchmark for future cybersecurity professionals, but also help to ensure they are ready for the world of work and prepare them for an exciting career.
Chris Skidmore, Minister of State for Universities, Science, Research and Innovation