IBM has announced in-kind grants valued at $3 million to help strengthen cybersecurity in schools. These grants will be awarded to six school districts in the United States to sponsor teams of IBMers to help them proactively prepare for and respond to cyberattacks. Services will be delivered by teams deployed via IBM’s Service Corps Program.
The grant is being announced following a December alert from the FBI warning that nearly 60% of reported ransomware incidents between August and September 2020 involved K-12 schools, a 29% jump from the months prior.
In response to the growing ransomware attacks against schools, Morning Consult conducted a study, sponsored by IBM, of 1,000 U.S. educators and administrators in K-12 schools and colleges to better understand the level of cybersecurity awareness, preparedness and training within schools during the shift to remote schooling. The results demonstrate the growing need for improved security education and skills, as more than half of U.S. educators and administrators have not received basic cybersecurity training from their institutions despite new remote learning protocols.
Key findings from those surveyed include:
- Need for Training: Nearly 60% of educators and administrators say they aren’t sure or haven’t received new cybersecurity initiatives or training for remote learning, despite 78% of educators saying they’re currently utilizing some type of online learning.
- Educator Awareness: More than half have not received cybersecurity training and nearly 50% aren’t familiar with videobombing, despite its popularity during the pandemic and nearly 1 in 5 saying one of their peers had experienced video conferencing related security issues during class.
- Level of Concern: Despite growing headlines about ransomware attacks on schools, half of educators and administrators aren’t concerned about an attack against their own institutions.
- Security Knowledge: While administrators are nearly 20% more likely to receive cybersecurity training than educators, they are still unaware of critical information relevant to protecting their schools. For example, 83% of administrators expressed confidence in their school’s ability to handle a cyberattack, yet more than 60% are unaware whether their school even has a cyber insurance plan.
- Budget Constraints: Over half of educators and administrators surveyed said budget is a large or medium barrier in strengthening their institution’s cybersecurity posture.
IBM’s new education cybersecurity grant will help U.S. public school districts better prepare for growing cyberattacks including ransomware. A total of six grants of in-kind services, valued at $500,000 each ($3 million in total), will be awarded in 2021 to school districts that apply for the grant via IBM.org. School districts can apply between February 4 and March 1, 2021 and recipients will be announced shortly after. School districts will be selected to receive the grant based on their level of cybersecurity needs and how they meet the criteria outlined by IBM.
While previously, IBM employees have helped local municipalities manage such cyberattacks, this initiative announced today will help formalize IBM’s community service efforts to help schools prepare for and respond to cyber threats. The grant, created as part of IBM’s Corporate Social Responsibility initiatives, will be an in-kind contribution in the form of resources and hours performed by IBM Service Corps teams of 6-10 people per district. Volunteers will be carefully selected based on their skills and will provide services including developing incident response plans, providing basic cybersecurity training such as password hygiene and implementing strategic communication plans to use in response to a cyber incident.
IBM Service Corps enables teams of employees to help communities with economic development, education, health, social services and sustainability. In 2020, approximately 2,500 IBMers contributed more than 100,000 hours on various Service Corps projects.
“Ransomware attacks on schools have become the new snow day for students,” said Christopher Scott, Director of Security Innovation, Office of the CISO, IBM. “Stay-at-home orders, and the switch to remote learning, have changed the focus for cybercriminals looking for easy targets as everyone from kindergartners to college professors have adopted remote technologies. And with budgets focused on new ways of learning, many schools are in need of additional resources and technology to change the dynamic and lower the financial ROI for the bad guys targeting them.”
IBM Security X-Force suggests educational institutions consider the below recommendations to better prepare for, and respond to, cyberattacks like ransomware:
- Prepare and budget for cybersecurity by creating incident response plans and exploring resources like cyber insurance.
- Train staff, students and parents and provide clear guidelines for device usage, passwords, secure Wi-Fi connections and video conferencing.
- Test and patch critical systems, especially those used across multiple schools to avoid widespread impact and make use of the cloud to securely store and backup data.
- Embrace the Cloud, use cloud and SaaS tools when possible, and backup files offline to help ensure their recovery.
- Stay educated and collaborate through information sharing to be aware of potential threats and vulnerabilities and build relationships with law enforcement for further collaboration.
K-12 public school districts based in the United States that are interested in applying for IBM’s education cybersecurity grant can apply via IBM.org’s security grant page.