IBM Gifts $3M to Boost School Cybersecurity

IBM today said it will award $3 million in grants to help public schools boost their cybersecurity efforts. The grants, valued at $500,000 each, will go to six U.S. school districts and be delivered via IBM’s Service Corps Program to help the districts proactively prepare for and respond to cyberattacks. IBM today said it will award $3 million in grants to help public schools boost their cybersecurity efforts. The grants, valued at $500,000 each, will go to six U.S. school districts and be delivered via IBM’s Service Corps Program to help the districts proactively prepare for and respond to cyberattacks. School districts can apply for the grant through March 1 at IBM.org, and IBM will announce the recipients shortly after. The grant will be an in-kind contribution in the form of dedicated resources and hours performed by IBM Service Corps teams of up to 10 volunteers per district. IBM says it will select school districts based on their level of cybersecurity needs. “These services are going to be aimed at helping to improve schools’ cybersecurity postures, and when I say cybersecurity posture, it’s how do they update their incident response plans? How do we conduct basic cybersecurity training? How do we implement proper communications and collaboration and coordination during an attack,” said Christopher Scott, director of security innovation, office of the CISO at IBM. “There’s a lot of different aspects of how to help them become better.” The grant announcement follows a December alert from the FBI warning that 57% of reported ransomware incidents between August and September 2020 involved K-12 schools compared to compared to 28% of all reported ransomware incidents from January through July 2020. There are a couple things that make schools an easy target for cybercriminals, said Dustin Glover, CISO for the state of Louisiana. Glover was called in, along with the National Guard and IBM volunteers, to help when the Tangipahoa Parish School System was hit with ransomware in 2019. “One is that school districts have a very large endpoint count,” Glover said, speaking on an IBM-hosted panel about cybersecurity in schools. “The school district is generally the size of a medium or small business or enterprise with about 30,000 computers or more.” Plus, schools have a unique device management environment, he added. Teachers and students use these computers daily from late August until the following June. During the summer months, however, while the schools undergo building maintenance and upgrades, “these computers are unplugged, turned off, and not touched again until August,” Golver said. Once school starts up in the fall, “all the computers are plugged back up, and the students flood in, and the teachers flood in, and they start accessing all kinds of stuff, working on emails, opening files and such,” he continued. Meanwhile, the computers haven’t been patched over the summer. “Those computers are almost always missing three months’ worth of patches, so that gives the attackers an opportunity to deploy or target malware to those assets that do not have a likelihood of being patched,” Glover said. And this, of course, is the best-case school scenario that doesn’t account for remote learning and students and teachers using their own devices connected to their home networks. The COVID-19 pandemic and resulting remote learning gave attackers even more opportunities — and a much bigger attack surface. In response to the growing ransomware attacks against schools, IBM and Morning Consult conducted a study of 1,000 U.S. educators and administrators in K-12 schools and colleges to better understand the level of cybersecurity awareness, preparedness, and training within schools during the shift to remote schooling. The results demonstrate the growing need for improved security education and skills. Nearly 60% of educators and administrators said they aren’t sure or haven’t received new cybersecurity initiatives or training for remote learning, despite 78% of educators currently utilizing some type of online learning. More than half have not received cybersecurity training, and nearly 50% aren’t familiar with videobombing despite its popularity during the pandemic. Meanwhile, one in five surveyed said one of their peers had experienced video-conferencing related security issues during class. While administrators are nearly 20% more likely to receive cybersecurity training than educators, they are still unaware of critical information relevant to protecting their schools. For example, 83% of administrators expressed confidence in their school’s ability to handle a cyberattack, yet more than 60% are unaware if their school even has a cyber insurance plan. Most of these difficulties come down to funding, as over half of educators and administrators surveyed said budget is a large or medium barrier in strengthening their school’s cybersecurity posture.