Hackers, hoaxers and nefarious hucksters are actively targeting people like you and me through email, text messages and other online avenues. You may have noticed gift cards being offered to thank you for shopping at stores you’ve never patronized; urgent alerts that your social media, email, bank account or credit card is being inactivated unless you take immediate action; or a pop-up on your screen that your computer has a virus along with a link to get help in cleaning it up. Information we have stored on computers has become a gold mine for sophisticated criminals to victimize the unwary and cause billions of dollars in losses.
Your charter school could also become a target for cybercriminals. Potential risks include identity theft from student and staff records, denial-of-service attacks that overwhelm your network, and ransomware that takes your data hostage until you pay to get it back. Remote learning and more employees working from home have increased the number of routes for the bad guys to breach your systems. These are just a few ways harmful intrusions into your devices, networks, and databases can disrupt your operation and expose you to millions of dollars of data breach response and cyber liability losses.
"Harmful intrusions can disrupt operations and expose you to millions in losses."
One additional threat your charter school faces is inadequate coverage. Your cyber liability program may be defined by a predetermined coverage program with limits that may not align with your actual exposures. An evaluation of your cyber/data security breach risks and mitigation strategies can better protect you and help you select the right program matching your needs.
You also want to take steps to address your biggest vulnerability – the people who use your computers and networks. Cybercriminals know the easiest way to get into your system is through an unwitting person opening the portal for them. Train your staff and students to recognize malign social engineering techniques, like “phishing” (luring someone to give over access credentials) and “spoofing” (someone posing as a legitimate business to gain access to an account). Training equips authorized users with knowledge and awareness to avoid becoming victimized.
