
Forget flat networks – tighten your security
To avoid being in this position, take the time now to focus on improving your network segmentation (by separating the network into appropriate VLANs with access control rules and proper port control) and firewall geo-blocking. If you don’t have an information security professional on staff who knows how to do this, enlist the help of a third-party expert.
Time is of the Essence
A properly configured network that’s adequately monitored can alert you to suspicious cyber activity early enough to intervene and significantly reduce the impact of a ransomware attack, or prevent it from taking hold of your data altogether. This is important to note, because some people mistakenly assume attacks happen in an instant or a matter of hours. The average time to detect and contain a breach is 287 days. That’s 100 more days than the average school year of 180 instructional days. And the bad news – that’s if you have a properly configured network that can help you identify threats, not a flat network that further hides attacks.
Close the Back Door
All cyberattacks require a round trip through the firewall, so think of it like this: when you have a flat network, it’s like you have a thousand security guards at the front door to make sure nobody can come in (keep in mind, though, that these are untrained security guards and half of them are asleep). What about the back door? Absolutely no one is paying attention to anyone coming and going. This is another critical piece of the security puzzle. Administrators must remember that egress is just as important as ingress. In other words, it’s just as crucial to know what’s leaving your firewall as it is to stop things from coming in through it.
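To make the back-door point concrete, the following Python example (added here, not part of the original article) reviews outbound firewall log lines against a per-segment egress policy and flags what a defender should look at. The segment ranges, allowed ports, off-hours window, size threshold, log format and sample lines are all constructed assumptions.

```python
import ipaddress
from datetime import datetime

# Assumed segments and egress rules (hypothetical values, not from the article).
SEGMENTS = {
    "students": ipaddress.ip_network("10.10.0.0/16"),
    "staff": ipaddress.ip_network("10.20.0.0/16"),
    "servers": ipaddress.ip_network("10.30.0.0/24"),
}
ALLOWED_EGRESS_PORTS = {"students": {80, 443}, "staff": {80, 443, 993}, "servers": {443}}

# Constructed sample log: timestamp, source IP, destination IP, destination port, bytes sent
SAMPLE_LOG = """\
2024-03-04T10:15:02 10.10.4.21 203.0.113.10 443 5120
2024-03-04T10:16:40 10.10.4.21 198.51.100.7 22 2048
2024-03-09T02:30:11 10.30.0.5 198.51.100.99 443 734003200
2024-03-05T14:00:00 192.168.1.50 203.0.113.10 443 900
"""

def segment_of(ip):
    """Return the name of the segment containing ip, or None if it is in none."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def is_off_hours(ts):
    """Weekends, or weekdays before 06:00 and from 19:00 (assumed window)."""
    return ts.weekday() >= 5 or ts.hour < 6 or ts.hour >= 19

def review_egress(log_text, bulk_bytes=50_000_000):
    """Return (src, dst, reasons) for each outbound flow that needs a human look."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, src, dst, port, sent = line.split()
        seg, reasons = segment_of(src), []
        if seg is None:
            reasons.append("source outside any defined segment")
        elif int(port) not in ALLOWED_EGRESS_PORTS[seg]:
            reasons.append(f"port {port} not allowed out of {seg}")
        if is_off_hours(datetime.fromisoformat(when)) and int(sent) >= bulk_bytes:
            reasons.append("large off-hours upload")
        if reasons:
            findings.append((src, dst, reasons))
    return findings

if __name__ == "__main__":
    for src, dst, reasons in review_egress(SAMPLE_LOG):
        print(f"{src} -> {dst}: {'; '.join(reasons)}")
```

On a flat network the first two checks cannot be written at all, because there are no segments to attach an egress rule to.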
Reevaluating Your Third-Party Relationships
Working with an external security advisor is a smart and responsible measure for districts and schools to take. But not all of these relationships are created equal. For example, some districts rely on a third party but have zero internal knowledge themselves. This might be all well and good when things are going smoothly, but what if disaster strikes and you can’t reach your partner? In such a case, seconds matter. You don’t have time to waste.
So, whether you’re responsible for managing the network or you do it in partnership with a third party, it’s critical that there are at least two people within your organization who have an appropriate level of knowledge of the network and are readily available should they be called upon. This is important because the vast majority of cyberattacks happen during off hours when fewer people are watching for them. For schools, this could be in the evenings, on weekends, or over extended holiday breaks. Because of this, you need to have two plans – one for a middle-of-the-night attack and one for securing help over a holiday weekend.
Be Sure About What You’re Getting
Many school networks were built on grant money, or through donations, with no support budget built in. So, a school might receive an equipment donation, which they’re more than eager to snap up. But, if it doesn’t come with ample budget for support, it could end up doing more harm than good from a security perspective. If you’re being offered something for free (or without ongoing budget for support and maintenance), take the time to gain appropriate knowledge about it and ensure you have enough resources to support it moving forward.
When it comes down to it, an attack like the one at LAUSD doesn’t need to be successful. Your school and entire district can gain a lot of ground on the preventive front by going back to basics. Forget flat networks; instead, set up your network to segment and protect your data. This doesn’t have to be super complex or expensive; it just needs to be done thoughtfully. Once you do, your security will be tightened up and you’ll be able to breathe more easily.