TRENTON, N.J. – A bill that would strengthen cybersecurity in colleges and universities, sponsored by Assemblymen Greg McGuckin and Paul Kanitra, passed the Assembly Monday.
Cyberattacks targeting schools are on the rise. The real-life implications were felt in January when an attack compromised essential network systems and forced the entire Freehold Township School District to close for a day. To combat this growing threat, their bill (A817) requires institutions of higher education to have established cyber security plans.
“Colleges and universities can best protect sensitive information and networks by being proactive, not reactive, which our bill requires,” McGuckin (R-Ocean) said. “Should there be a breach, those institutions must have an updated, detailed plan to recover as quickly and safely as possible.”
Those institutions’ plans must address potential security risks and the ways those will be monitored and mitigated. Those plans must be regularly updated to reflect current technologies and information security techniques. Any cyberattack must be reported within 72 hours to the New Jersey Office of Homeland Security.
Organized foreign crime syndicates most often carry out cyberattacks, preying on the vulnerability of understaffed IT departments and dated security systems. While ransomware attacks are most common, colleges and universities are also vulnerable to data breaches and leaks; phishing attacks; and social media vandalism. According to Educause.edu, there was a 15% increase of cyberattacks against colleges and universities in the first quarter of 2023 compared with that same timeframe in 2022.
The recovery from a cyberattack can cost more than $1 million.
“These attacks affect everyone, because ultimately a vulnerable school costs taxpayers money,” Kanitra (R-Ocean) added. “We need to ensure sensitive data and wallets are protected.”