You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Maryland School Hack - A Lesson For The Rest of Us

After auditors highlighted security risks, one school was hacked, others left in fear.

Audits can be unpleasant. It's never fun to be judged. But it can be effective!

Schools in Baltimore County recently received their audit report. Later that same day, they got hacked.

“An incident like this becomes a case study,” - Spokesperson for Anne Arundel County Schools (Maryland)

This isn't the first time that a Maryland school has received a worrisome audit report. In fact, these audit findings quite commonly identify consistent security risks. Seems like an easy solution then, right?

Unfortunately, schools are notoriously tight on budgets. And educators are completely overwhelmed with the transition to online learning.

School systems lack the resources and support they need to adequately manage security risk.

After the Baltimore hack, Chip Stewart, Maryland's Chief Information Security Officer (CISO), received a steady stream of calls from IT chiefs from around the state.

Naturally, every IT manager wants to keep every employee and student safe. But they need a place to start. Cybersecurity is multi-layered, and it takes strong technology, policies and people.

Ultimately, the “first and last line of defense” is people. - Chip Stewart, Maryland CISO

We regularly see end user security training as a gap in audit reports. One point of good news is that this gap can be solved quite easily!

Whether you look at these audit reports, NIST's guidance or CISA's pointers, several items are clear:

1. End User Security Awareness Training
2. Two-Factor Authentication
3. Patching
(go deeper on these here)

These are items that consistently come up, and are your first steps to greater cybersecurity maturity in any organization.

The first step is training your team to avoid the initial Phishing email, the ones that school staff are getting every single day.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

Start with a quick quote - hit us up here! (No sales call necessary!)

Appreciate the great reporting from Baltimore Sun here
[https://www.baltimoresun.com/education/bs-pr-md-baltimore-county-ransomware-20201203-20201204-5g3he4yi2je6npug3vcf7zih3i-story.html]

EducationSales
Joel Cahill

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.

You might also like

Criminal Courts Hacked, Docs Leaked

Criminal Courts Hacked, Docs Leaked

With Courts sending and receiving tons of email with attachments, they are a ripe target for a crafty Phish.

Joel Cahill
Joel Cahill
Legal
What Do Canon, Jack Daniels and Carnival Cruises Have In Common?

What Do Canon, Jack Daniels and Carnival Cruises Have In Common?

You may patronize each of these companies on vacation, and now hackers are taking a lot of that money for themselves.

Joel Cahill
Joel Cahill
Hospitality

Featured Posts

CIS Control 14 and Security Awareness Training

CIS Control 14 and Security Awareness Training

Let's Dig In: Security Awareness & Compliance

Let's Dig In: Security Awareness & Compliance

Cyber Insurers Tighten Requirements

Cyber Insurers Tighten Requirements