Security Experts:

Connect with us

Hi, what are you looking for?


Risk Management

Education’s Digital Future and the End of Snow Days

Healthcare may be the first industry that springs to mind for many people when thinking about sectors that have had to suddenly, dramatically adjust due to the COVID-19 pandemic. 

Healthcare may be the first industry that springs to mind for many people when thinking about sectors that have had to suddenly, dramatically adjust due to the COVID-19 pandemic. 

But ask parents around the world, and they’ll likely say “education.” The traditional classroom was turned on its head in a matter of weeks, and some of those changes will be here to stay. 

Back in February there were no capabilities at scale for kids to attend classes from home. Fast forward a few weeks and millions of kids were attending classes and completing assignments remotely. 

As has happened in many other industries, apps are also getting their chance to disrupt the education paradigm. Application portals like j2launch and others are delivering an array of learning and quiz apps. Established apps like Kahoot! have been retooled for an educational setting. As a natural evolution of this phenomenon, gamification is being much more widely used to engage kids in learning.  

The results of all these efforts have been mixed, but the progress has been remarkable given the nature of education as an industry. It’s easy to imagine the highlights from school board meeting transcripts had this wave of change occurred any other time.

From a cybersecurity perspective, perhaps the greatest risk for digital education comes from the wide variation across districts in terms of resources. For some, laptops, apps and other technologies were already part of curricula. But in many areas, those assets are harder to come by, let alone IT departments and cybersecurity staff. 

And the concerns for online learning are legitimate: Malicious actors are always looking for new opportunities, and there’s evidence they’re already focusing on the education sector. Data from Microsoft has shown that education as an industry accounted for 60% of reported malware encounters in June — affecting more than 5 million devices in just 30 days. 

Legacy systems prevalent in many districts present other problems: misconfigurations, bad setups, software that goes for long periods without updates and patches. 

Add to all this the flood of devices connecting to these new systems and applications. An enterprise organization can maintain some control over the devices on its network. Those used by students could come from anywhere, and ensuring easy access is critical. 

BYOD and shadow IT are challenges for sophisticated organizations. Now districts with thousands of students and teachers face a world where every one of those users accesses their systems via multiple unknown PCs, laptops, tablets and phones. Since those devices are in the home, they could become a risk for other devices, potentially being used to attack a parent’s work laptop or to exploit other vectors. 

The trend toward gamification also represents both a huge new opportunity for education and new challenges. On one hand, having widespread data on success rates and trends that can be sorted by school, grade level and geography could offer real insights into education that we’ve never had before. Yet there’s potential to misuse this new flow of educational data to target students, teachers or districts. 

And then there’s that lingering difference between districts that have the resources to contend with these issues—and as a result perhaps offer a better experience for students, teachers and parents—and those that may be further behind. Will some districts offer high-end, bulletproof educational software while others are serving up marketing-laden freeware? 

Clearly there are many variables to contend with. District IT departments, already strained in normal times, simply cannot offer the cybersecurity resources to protect this kind of mass-scale rollout of new technologies in these highly unusual circumstances. 

Although the digitization of classrooms has exciting potential to help us build a more strategic and effective education system overall, we need broad engagement to make it really work for students. 

Vendors serving education and the security community must work hand-in-hand with districts to keep these new digital environments safe. Districts themselves should emphasize training programs for students and teachers that cover the basics of safely using technology, just like enterprises do.  

How will these new tools impact learning going forward? There’s clearly a widespread sense that kids do best in a physical classroom, but we’re likely to see a mix of in-the-room and online schooling for some time to come. 

Which leads us to perhaps the biggest risk to our education system as we know it, and the foremost question on students’ minds: Will there ever be another snow day? 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...