intelligent

What are the implications for organisations that fall foul of proper handling of personal data ?

Several aggregated stats on educational institution data breaches in the US can be found here : https :// www . comparitech . com / blog / vpn-privacy / us-schools-data-breaches /

According to the IBM Cost of a Data Breach Report in 2021 , the average cost of US $ 161 million per lost or stolen record and the average cost of a breach in the education sector is US $ 3.79million .

Can you provide any interesting or innovative suggestions on how teams in this industry can instill a strong security culture ?

Irfahn Khimji , Chief Systems Engineer at Tripwire

The education system has some great ways to teach safety and security of their physical environments . Students as early as elementary school have activities like fire drills and other education sessions geared towards safety and security . Similar types of activities can be used for digital and online safety .

Culture change is not easy to do , it requires everyone to individually practice what they preach . Thus , practicing safe cybersecurity needs to start from the ministers of education to the school boards , to the deans , principals , councillors , teachers and the students .

In parallel to this , the teachers , students and everyone else involved in the education process need to learn about risks of the new teaching environment . For example , just like how everyone in a school is taught basic physical safety , everyone needs to be taught basic digital safety . Thus , security awareness training should be a key component to the education system .

There will be times when people make mistakes , but there needs to be the appropriate education mechanisms in place to teach and remind everyone of the appropriate safety procedures .

What advice would you offer to teams with limited resources on creating a simple but effective data security strategy ?

The most effective thing teams with limited resources can do is to focus on the basics .

Spend time on educating the users , monitoring what devices and users are accessing what systems , and help ensure that those systems are configured securely and up to date with the latest security patches to safeguard the integrity of the digital assets . �

THE MOST EFFECTIVE THING TEAMS WITH LIMITED RESOURCES CAN DO IS TO FOCUS ON THE BASICS .