How Change Management Can Fight Cyber Attacks in Schools

Security internet-screen-security-protection-60504

Six thousand students’ information is being held ransom from a cyber-attack that hit the Livingston, NJ School District on November 22.  Their classified information will not be released until the school pays a ransom or finds another way to get their data back.  In August, a New York School District paid nearly $100,000 from insurance.  Colorado’s DOT did not pay the ransom, instead paying $1.5M to disinfect their systems.  While we don’t’ know the amount of the ransom, we do know that the 2 men indicted, extorted more than $6M in ransom payments. Alarmingly, ransomware attacks have increased 4,445%, with over 500 compromised K-12 schools, in 2019 compared to just 11 in all of 2018. Change Management can help fight cyber attacks in schools.

How Ransomware Works

Ransomware needs a person to click on a bad link to work. Often, the link is in an email, disguised as coming from a trustworthy source. For example, cyber criminals can mimic an email from Amazon to a teacher or office staff for supplies they ordered because there was a problem with their account.  Once the hyperlink is clicked, the infection starts.

Other sources can be from shady attachments, QR codes or false software updates.  Once malware is activated, it can spread throughout the network, locking down data and holding school information hostage. A 2019 study by Kaspersky shows that 90% of data breaches are from people! Luckily, there are ways to reduce the chances of getting hacked.


How Ransomware Works


Why Schools Are Targeted

Cyber criminals target school districts and the valuable personal information they have on students, teachers, and administrators.  Most schools have insurance they use to pay the ransoms. In addition, they have limited budgets for preventative cyber security and little to no change management processes in place, making them easy targets.

How Change Management Helps Fight Cyber Attacks In Schools

Change Management processes can help.  The definition of change management, according to Prosci, is “the process, tools and techniques to manage the people side of change to achieve a required business outcome.”

Change Managers guide organizations on how to ensure people change their behaviors.  With a school cyber-attack, for example, Change Managers get teachers, administrators, students and anyone else with access to the school network to identify and avoid links and attachments from suspicious sources.  In addition, they educate about the dangers of connecting personal devices to school computers.

A change management approach uses various methods to change the culture and minimize the risks from hackers.  Communication, Senior Leader Sponsorship, Coaching, Training and Resistance Management are some of the tools used to support the processes of Planning, Managing and Reinforcing the desired change.

Organizations don’t often see the value of investing to protect their assets and, sadly, pay the price.  Investing in Change Management and Cyber Security at the school district level is well worth the cost of getting hacked. The costs of change management are a fraction of the costs and headaches of a cyber-attack.

Posted in

Contact us to learn more!