Sai Huda – CEO CyberCatch

What should K-12 schools do to protect themselves from cyber attackers?

K-12 schools should do three things:

  1. They should implement NIST Cyber Security Framework (CSF) and implement 108 cybersecurity controls that are prevention, detection and response controls.
  2. They should implement an Incident Response Plan to detect and respond to an attack.
  3. They should test cybersecurity controls continuously to detect security holes so it can be eliminated so an attacker cannot exploit and break in.

What is the harm to students from a data theft?

The harm can be for life. A data theft can leads to identity theft and harm for life. Sometimes it can be immediate, such as when a student applies for college and student loans or a part-time job, and they find out they have bad credit from identity theft. Or a few years later when they apply for a job. The data can also be used for blackmail of parents, especially those in jobs with national security implications.