Security

Artificial Intelligence and Machine Learning Play a Role in Endpoint Security

ML-enhanced endpoint protection can keep schools safe from cyberattacks. Here are three benefits district leaders will find when investing in this advanced technology.

Alexander Huls

Twitter

Alexander Huls is a Toronto-based writer whose work has appeared in The New York Times, Popular Mechanics, Esquire, The Atlantic and elsewhere.

Long before the pandemic, K–12 cyberattacks were a serious concern. The shift to remote learning has only increased the danger. “Supporting digital transformation initiatives and a remote work model has led to a dramatic increase in the exposed edges of the network,” says Bob Turner, field CISO of higher education at Fortinet. “At the same time, malware, ransomware and other threats continue to challenge schools by exploiting inconsistently protected endpoint devices.”

The effects of an attack can be significant. IBM’s “2021 Cost of a Data Breach Report” notes that it can take an average of 287 days to identify and contain a data breach — and the longer it takes to identify, the more costly it becomes.

K–12 institutions have discovered an emerging solution: machine learning–enhanced endpoint protection. A type of artificial intelligence, machine learning uses immense computer power and algorithms trained on large amounts of data. It learns comprehensively to apply the knowledge it gains to monitor and render insights at a scale beyond human ability.

Click the banner to discover CDW’s modern solutions for data security in K–12 education.

Traditional endpoint protection is reactive, responding once something has happened. Endpoint protection with machine learning is proactive, capable of studying an almost limitless amount of network traffic, logging information and app installations for anomalous activity. “Security technologies with artificial intelligence capabilities have the potential to anticipate attacks and counter them in real-time,” says Turner. “Given that cyberattacks occur in seconds, the speed brought by AI-driven security technologies is crucial.”

That’s not the only benefit. Here are three more:

1. Scale Security as Endpoints Increase

Because of the recent shift to remote learning, the number of endpoints has exploded. “Thousands upon thousands of new Chromebooks just magically appeared out of nowhere at school divisions that never had a one-to-one program before,” explains Tim Tillman, CTO of Chesterfield County Public Schools in Virginia. That’s created a significant challenge.

Protecting so many users and devices from cyberattacks is no easy task. “These environments are really hard to lock down because they sprawl,” says Victor Marchetto, senior information security field architect at CDW.

ML-enhanced endpoint security can sprawl easily because it’s not limited by number of endpoints or geography — only by the budget to acquire it from a service provider and computer power. It can cover all the additional devices that have made their way into school ecosystems without any strain or loss of performance.

2. Relieve Understaffed K–12 IT Teams

School districts have long struggled to meet their cybersecurity staffing needs. “They’re like a small business in terms of staffing, but they’re more like a big enterprise in terms of scale,” says Nicko van Someren, Absolute Software’s CTO.

Tillman can attest to that. “I have 65 schools and 65,000 students,” he says. “I have one person who does cybersecurity.”

The recent expansion of endpoints has only increased the challenge of hiring sufficient staff to protect schools, especially with the growing threat of ransomware attacks heightening the stakes.

I have 65 schools and 65,000 students. I have one person who does cybersecurity.”

Tim Tillman CTO, Chesterfield County Public Schools

The “machine” part of machine learning means a smaller staff isn’t a concern. ML can do the work of several people, and do it with a singular focus not possible when staff members, teachers or IT leaders are pulling double duty as the resident cybersecurity professional.

That’s not to say AI/ML is a replacement for humans. While AI-driven security solutions can be configured to automatically respond to threats, they will also notify staff as appropriate — but only under certain conditions, ensuring staff can go about their regular work of managing the technology environment until a true threat appears.

3. Save the District Money with Advanced Protections

K–12 districts often don’t have significant cybersecurity budgets. That’s partly why endpoint protection is so underfunded. Machine learning offers a cost-effective solution. “It’s about helping them do more with less,” says Someren.

AI/ML can offer enhanced protection, without increasing staff or putting a major dent in a school’s budget. Because machine learning is advanced technology, it may not be cheap. However, “one dollar spent on the preventive response capabilities of any organization is going to equal five or six dollars spent dealing with a disaster,” says Marchetto. “It’s definitely more expensive to have to deal with a fire than to buy a fire extinguisher.” That’s especially true as, increasingly, the cybersecurity insurance market refuses to provide policies to school districts unless a certain level of a security has been met.

EXPLORE: Download the checklist to grade your school’s cybersecurity preparedness.

Despite the ability of ML-enhanced endpoint protection to improve security, schools should not depend solely on it. Security training and awareness among administrators and staff is still crucial. “Effective cybersecurity balances people, processes and technology,” says Turner. What AI-driven endpoint protection offers is a comprehensive safety net — one that is kind to budgets, supportive of staff limitations, can scale with the rise of remote learning and provide peace of mind.