Thursday, 1 October 2015

State auditor to examine cybersecurity in Missouri schools

JEFFERSON CITY, Mo. — State Auditor Nicole Galloway on Wednesday announced the launch of a cybersecurity audit initiative in Missouri schools.

The initiative will focus on identifying practices that improve the security of information that schools have on students and their families.

“For every parent who has provided health records to the school nurse, authorized bank debits for a lunch plan or exchanged emails with a teacher about concerns in the classroom, there are real consequences to having that information released to individuals who might seek to profit from or exploit it,” Galloway said in a statement following a news conference in which she announced the program. “Parents deserve to know their children’s schools have taken precautions to keep their children’s personal information secure.”

The Boonville, Cape Girardeau, Orchard Farm, Park Hill and Waynesville school districts were selected for the first round of audits through the initiative; additional school districts will be named next year.

The audits will focus on the effectiveness of existing cybersecurity safeguards. They will review the school districts’ ability to detect a cybersecurity breach and the planned response for a breach, student personal information accessibility and protection, technology use policies, and student and staff privacy, and security awareness training.

Although no Southwest Missouri school districts will be part of the first round of audits, some local school officials said Wednesday that they think they would be well-prepared to protect sensitive data and handle breaches.

A security breach is something the Carl Junction School District has been tested by before. Several years ago, a new, undiscovered computer virus hit the school district and pulled about $190,000 out of its bank accounts, most of which was later recovered, Superintendent Phil Cook said.

Technology director Marshal Graham said the district learned from that incident. Its security policies now have multiple layers, requiring technological protections such as firewalls and anti-virus software as well as training for staff members who have access to sensitive data.

“One of the most important things we can do is just monitor what goes on on our network and keep track of those things so that we’re aware when something is abnormal,” he said.

View the original content and more from this author here: http://ift.tt/1hdbTir

 



from cyber security caucus http://ift.tt/1iNwpr3
via IFTTT

No comments:

Post a Comment