MINNEAPOLIS — School districts across Minnesota in last week’s election sought funding boosts to support technology upgrades and cybersecurity with mixed results.
In Hastings, votersrequest, which will generate $2 million per year to sustain classroom equipment and add additional safeguards to protect the data of students and staff. Mankato’s $105 million plan—which included cybersecurity—also got the green light.
But Rochester Public Schools failed in their attempt to shore up funding for cybersecurity as voters narrowly rejected a levy of $10.5 million each year for the next decade, which was in response to a breach they experienced this spring.
School officials say the cost of keeping sensitive information safe is increasing as security is more important than ever in wake of looming threats and attacks that have jeopardized the data of thousands. It’s prompting some districts to ask the legislature for additional funding.
“Cyberattacks are evolving and becoming increasingly sophisticated. It’s crucial to have strong defense,” Justin Hennes, senior director of information technology at Minneapolis Public Schools, told a panel of lawmakers on Monday. “The legislature and state agencies can help by funding cybersecurity services for education.”
Hennes testified aboutFebruary and its impact to the Legislative Commission on Cybersecurity, which had an informational hearing as the legislature readies for the 2024 session. Leaders and St. Paul Public Schools shared their experiences, too. All of them said support from lawmakers would be helpful.
Mario McHenry, executive director of technology of St. Paul Public Schools, shared a startling statistic: The district’s cyber insurance premiums soared by 98% from the 2021-2022 school year to the 2022-2023 school year. St. Paul is paying more than $117,000 for it this year.
In an interview Friday, McHenry said that jump was even lower than what schools elsewhere faced—an increase of 180%—because St. Paul is in “good standing” with its policies.
“You don’t have a lot of providers to start. And then obviously, with the impact of these breaches, it’s a lot of financial risk to take on, so your premiums are going to go up,” he explained.
The cost of dealing with a data breach climbed to an average of $4.5 million in 2023, according to an analysis from IBM.
The legislature in the most recent sessionso school districts can boost cybersecurity and physical building vulnerabilities. It also authorized the use of existing “safe to school” revenue, used for safety needs, for digital safety upgrades.
McHenry told lawmakers this week that additional support or flexibility with other funding streams so money can be used for cybersecurity expenditures would be helpful.
“You have to invest in these tools because the bad actors are. The bad actors aren’t worried about funds,” he said in an interview.
But funding for improved systems is just one part of the solution, according to Mark Lanterman, chief technology officer for Computer Forensic Services. Lanterman, a former member of the U.S. Secret Service Electronic Crimes Taskforce,that robust training of employees on the warning signs is just as essential.
“In the majority of the cases that I’ve investigated, it turns out that an employee was tricked into clicking on a link that downloaded malware which then compromised the organization,” he said at the time.