In January 2023, An Arizona school district was hit with ransomware. They’re still dealing with the fallout! This month, The district confirmed that confidential info of 29,000 students, staff, and parents may have been breached. The breach has cost millions of dollars so far.
Their missteps are important lessons for businesses who want to avoid costly breaches.
What Happened?
In 2018, a security audit of the district’s systems revealed key vulnerabilities including:
- Weak password requirements
- Former employees retained access after termination
- An insufficient incident response plan
The district addressed these vulnerabilities. However, the increased security may have stopped there.
Basic security controls like multi-factor authentication and EDR weren’t implemented until after the breach. It’s unclear if these were not implemented because they were seen as unnecessary, or they were not budgeted for Either way, security was not a high enough priority until after the breach.
What Can You Learn?
Security breaches are an unfortunate reality. But learning from them is the best way to prevent them from happening to you. Our top three takeaways:
- Don’t Stop at One Audit – An audit is a snapshot of your security at a given point in time. Vulnerability scans should be regularly scheduled. This helps you stay on top of security as your network changes.
- Update Your Toolset – The minimum recommended tools five years ago are not the same as today. Major shifts in security tech make it harder for hackers to succeed.
- Adopt a Security Mentality – IT Security is more than a collection of tools, it requires buy-in from everyone. Leading organizations recognize security as an investment rather than a cost. Team members at all levels know that an ounce of inconvenience is worth a pound of remediation.
IMPORTANT – Coming Soon from LeeShanok
Due to the increasing prevalence and severity of cyberattacks, we are releasing new Minimally Viable Cybersecurity Standards for all clients. If you are a current client, expect an email in the coming weeks detailing our minimum recommendations for securing your network.
