Nov 21 2023

Q&A: Is Managed Detection and Response a Wise Investment for K–12 Cybersecurity?

Kristin Del Rosso of Sophos shares how MDR can fit into a school’s existing security portfolio, despite IT challenges.

Cyberattacks on K–12 schools have increased by more than 30 percent since 2022, according to the Center for Internet Security; the data-rich environment and higher likelihood of paid ransoms are attractive targets for criminals. Unsurprisingly, school IT staff members say that they feel unprepared.

Limited budgets are a major factor. According to the Consortium for School Networking’s State of EdTech Leadership survey, approximately two-thirds of school districts don’t have a full-time cybersecurity staffer, and the rest of the IT staff is typically spread thin over multiple functions.

Cybersecurity in cloud-based environments is also becoming more critical: A recent EdTech poll shows that most K–12 schools are now operating with cloud-based data storage.

To discuss challenges and solutions for K–12 school environments, EdTech: Focus on K–12 spoke with Kristin Del Rosso, public sector field CTO for Sophos, about managed detection and response (MDR) and how it can work to improve the security posture of K–12 environments.

LEARN MORE: Sophos solutions help improve a school’s security posture.

EDTECH: What is managed detection and response?

DEL ROSSO: Managed detection and response is a fully managed, 24/7 service in which experts detect and respond to cyberattacks that school IT staff might not have the resources to battle on their own. It essentially combines human expertise with protective technologies and advanced machine learning models to help experts investigate and neutralize attacks much more quickly than an individual staff member or IT team could.

EDTECH: Why can the K–12 security environment be challenging?

DEL ROSSO: K–12 schools are not the same as large, multinational corporations, and they provide a unique challenge for cyberdefense. Not only are you protecting people, specifically minors, but a corporation wouldn’t give a 6-year-old a computer.

Staff and students need access 24/7, and there’s a lot of personal data to secure — data that criminals are targeting. They’re particularly exploiting cloud-based technology, which has less-established security practices than on-premises equipment.

Click the banner below to learn more about deploying cloud technology in your schools.

Schools face the particularly difficult challenge of not only securing their environments but also training and educating children to be good digital citizens. They need to find the balance of keeping them safe in a world where you can’t function without technology.

EDTECH: What MDR solutions does Sophos offer schools?

DEL ROSSO: We have two service tiers: Sophos MDR Essentials and Sophos MDR Complete.

MDR Essentials is for organizations that have IT team members who can generally manage cyber incidents on their own, but who could benefit from a fully managed threat response team for major breaches.

MDR Complete includes a 24/7, fully managed protection, detection and response service that leverages our top-rated endpoint protection solution. You also get access to monthly intelligence briefings, so you have your finger on the pulse. Our goal is to take the burden of cybersecurity off your team. We can take on the heavy lifting so that you can focus on broader business and student priorities.

EDTECH: What do IT professionals need to know to properly employ this tech?

DEL ROSSO: The technology is very straightforward. You log in to Sophos Central and activate an account. From there, you can choose how you want us to respond to an incident, and the relationship can be tailored to your school’s or district’s specific needs. We are continuously building out integrations based on customer requests, so we can we can work with you no matter what tech stack your school is using.

DISCOVER: Elevate your school’s security posture as the new year approaches.

EDTECH: How does MDR benefit K–12 networks and environments?

DEL ROSSO: IT staffing at K–12 schools can be difficult. MDR is really useful because our experts can meet you where you’re at, whether you have one person on your IT staff or 10, or if you don’t really know what your cybersecurity portfolio should look like. We can use the existing technology you have in place, or we can bring in our Sophos solutions to help you best secure your environment.

That’s when having a 24/7 team of threat hunters and response experts really makes a difference. If you do find yourself in the middle of an incident, we have a team dedicated to finding, removing and mitigating attacks.

EDTECH: How else can schools benefit from Sophos’s expertise?

DEL ROSSO: We protect more than 7 million K–12 students in the U.S. with an approach to cybersecurity that helps schools build a more resilient infrastructure centered around the five core functions of the National Institute of Standards and Technology’s Cybersecurity Framework.

READ MORE: CoSN has a resource guide for NIST’s Cybersecurity Framework.

Many of our firewall and network security solutions were built for educational institutions. These include policy settings for compliance with local regulations and filtering features for internet searching that limit harmful content but allow students to access the resources they need.

We also have a million-dollar breach warranty that’s part of the MDR Complete subscription. The cost of cyber incidents continues to climb, not just because of ransoms but because of how much it can cost to get back up and running. Our solution covers up to $1 million in response expenses, which can be part of a comprehensive solution for schools.

Brought to you by:

ipuwadol/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.