In Education the goal is twofold, to bestow knowledge and protect the well-being of the student body. Unfortunately, as reports of data compromise in education continue to climb, these security awareness gaps can betray that very interest.
According to the U.S. Department of Education, the Family Educational Rights and Privacy Act (FERPA) has been amended nine times since the law went into effect.
Additionally, as new laws come into play such as GDPR on May 25, it’s difficult for school’s to stay current with the changes and understand the do’s and don’ts of these regulations.
Important Facts About PII and Education — Security Awareness Matters
- FERPA was passed by Congress to protect students and their Personal Identifiable Information (PII)
- Successful phishing attacks on educational institutions put student PII at risk
- For Cybercriminals, PII is one of the most valuable assets on the dark web
- PII of a minor is an even more lucrative asset to obtain, as the theft can often go undetected for years, further exposing students as vulnerable targets
- Unlawful access to students PII puts their future at risk as well as their personal rights and safety
The Human Impact — Poor Security Hygiene Risks Breach
Verizon’s 2018 Data Breach Report estimated that of the breaches investigated featuring a social engineering component, 70 percent involved phishing scams. Transforming an administration into the trusted gatekeepers of your data, begins with training and education. The key performance indicators to improve your staff’s security posture start with:
- Compliance with FERPA and other regulatory laws
- Communicating the repercussions of non-compliance
- Understanding the fundamentals of phishing scams
- Creating awareness as to why Education is targeted by hackers
The Truth About Education and Social Engineering
Last year in the education (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Jenna Hulbert. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/8JdySadsIbM/