“Education is our core business, and you need a plan that will allow you to continue to do that work in times of crisis,” he said.
However, “it takes a crisis to get attention” from leadership, he added, noting that without leadership support, any plan created would have “no teeth.”
DISCOVER: How to make the case for security spending.
Presenters Bring Incident Response Planning to Life
Thompson outlined incident response, business continuity and disaster recovery as the three prongs for addressing a cyber breach. He also stressed the importance of creating a cybersecurity framework and pointed to the National Institute of Standards and Technology as a starting point.
And while ransomware probably grabs the most headlines, schools must contend with and have a plan for six types of cyberattacks, including malware, distributed denial of service, advanced persistent threats, phishing and Internet of Things-based attacks.