Data Privacy & Security Service Digital Digest_Summer 2018

Data Privacy & Security Service

Issue 12

CoSN FEATURE ARTICLE

10 Steps to Address Data Security & Data Privacy by Linette Attai & Marie Bjerede

In This Issue

With the news full of data breaches and other cyber attacks at school districts and also at numerous large public companies, today’s district leader has cybersecurity on the top of his or her mind. There is the risk to the reputation of the district and its leaders as reports of student data leaks make it into the press, the loss of learning time as denial of ser- vice attacks shut off access to the Internet, and loss of internal digital systems as ransomware holds their data hostage. There is also the cost of data breaches to consider: the average cost of a breach in educa- tion in the U.S. is $245/record. The average number of records exposed per data breach (across all sectors, not just education) is 28,512. Costs are incurred for lawyers, forensic discovery, liability, and identity theft management. How does a district take the first steps to mitigate the risk of cyberse- curity attacks? CoSN recommends the following: 1. Patch software and operating systems, and be ready to aban- don software when it becomes obsolete. 2. TRAIN, TRAIN, TRAIN! Make sure everyone knows security awareness is their job and who to talk to if they make a mistake. 3. Build a sustainable, long-range plan for security. Besides con- sistent training, create a rotation of other areas of security like technical hardware refreshes, application reviews/updates, assessing which vendors may have VPN access to your net- work, etc.

4. Utilize resources like Depart- ment of Homeland Security (DHS) and MultiState-I Informa- tion Sharing and Analysis Center (MS-ISAC). They provide free monitoring and will help remedi- ate in some cases; they have a host of resources and tools. 5. For more information, please see the CoSN resource: Getting Started with Cybersecurity. CoSN also has resources to help districts rigorously evaluate their Cy- bersecurity Preparedness and plan for improvements: • Cybersecurity Self-Assessment: Rate your cybersecurity stance based on the answers to specific questions in the areas of: Man- agement, Technology, Business Continuity, and Stakeholders. • Cybersecurity Planning Rubric: The Cybersecurity Planning Rubric follows the Cybersecurity Self-Assessment by breaking down what cybersecurity maturi- ty looks like for each of the ele- ments of the self-assessment. • Cybersecurity Planning Tem- plate: The Planning Template is helpful in identifying the short, medium, and longer term actions to be taken to address gaps. Find all of CoSN’s Cybersecurity Resources at: https://cosn.org/cybersecurity

Page 1 & 2: » » CoSN Feature Article: 10 Steps to Address Data Security & Data Privacy

Page 3: » » 2018 Verizon Data

Breach Report Findings

Page 4: Cyber Trends » » Cyber Predictions for 2018 » » Best Practices for Cyber- security Page 5: » » Comptroller’s Corner » » City of Atlanta Attacked by Ransomware Page 6 : » » Facebook’s Tracking of Non-Users Sparks Broader Privacy Con- cerns » » Zuckerberg, Facing Facebook’s Worst Crisis Yet » » You Tube Accused of Targeting Children with Ads, Violating Federal Privacy Law » » Android Apps Violate Children’s Privacy Page 7 : » » States Issue Privacy Ultimatums to Education Technology Vendors » » Helpful Privacy Tools

Page 1

Made with FlippingBook - professional solution for displaying marketing and sales documents online