Cybersecurity is an area that schools across the country struggle to prioritize with the hindrance of budget constraints. The root of the problem is a mismatch between finite resources, the demands of the threat landscape, and educating students.

We recently posted about one of the most recent and high-profile cyberattacks in the education sector that targeted the Los Angeles Unified School District. The ransomware attack in early September caused the school district to reset over 600,000 passwords, with the demand of the ransom still outstanding.

After LAUSD was hit by the ransomware attack, a joint cybersecurity advisory explained that K-12 schools have increasingly become the subject of ransomware attacks due to the sensitive student data they house.

This year alone, 26 schools districts that represent 1,727 schools have been the victim of a cybersecurity attack.  14 of these districts have had data stolen according to Brett Callow, a Threat Analyst at Emsisoft.

Although this figure is lower than last year so far, Callow says that “the number of incidents remains unacceptably high.” The need for more robust and effective cybersecurity in schools is still unmet.

“School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable,” the FBI and CISA wrote in the advisory. “However, the opportunistic targeting often seen with cybercriminals can still put school districts with robust cybersecurity programs at risk.”

Many schools don’t have the staff, tools or support needed to create a strong cybersecurity structure, according to Rick McElroy, Principal Cybersecurity Strategist at VMware Carbon Black, said via email.

The security capabilities that schools need aren’t different than those needed by large corporations. Among those capabilities consistently listed by CISO and cybersecurity professionals alike are multifactor authentication, backup and recovery, and endpoint detection and response.

Story via K-12 Dive