Four out of five schools have experienced a cybersecurity incident…

An article review.

While it seems like these days every organization faces cybersecurity threats, as we’ve pointed out in the past schools are an increasingly attractive target to hackers—and a new audit carried out by the cybersecurity wing of the UK’s Government Communications Headquarters (GCHQ) seems to confirm it: by their reckoning four out of five schools have experienced a “cybersecurity incident,” and one in five admit to students inappropriately accessing school systems.

The audit, which was conducted in conjunction with the London Grid for Learning, went on to find—unsurprisingly—that essentially all schools found losing access to network services would cause “considerable disruption,” and that nearly 70 percent had been targeted by a phishing attack.

The audit wasn’t all negative, though. Nearly all schools (95%) reported having firewalls and antivirus systems in place, along with regular data backups and software patches. But while 85% reported having a cybersecurity plan, less than half reported having a business continuity plan—something that would become vital should an essential network resource become unavailable.

As we’ve said before, schools often face limited IT budgeting and staff, meaning what resources exist are devoted toward “keeping the lights on” computationally…But as those school systems that have been taken offline can attest to, the costs of not being prepared can easily exceed what it would have cost to prevent the incident in the first place.

Original article by Steve Ranger, writing for ZDNet.