Page 21 - The Edge - BTS 2021
P. 21
AASBO SUMMER CONFERENCE
BY DON HARRIS
Wes Gates Marijon Anderson Albert Magallanez
Cyber Crime Is Not Going Away – It’s Increasing
Cyber attacks continue to plague school districts, but “Be super strict with cyber security policies,” she said.
there are strategies and tactics that can provide protection “Districts should also conduct regular phishing tests. If
and minimize the losses. you don’t have them, we suggest you do them quarterly.”
Wes Gates, Chief Information Officer for the Arizona School Anderson recommended implementing an air gap
Risk Retention Trust, Marijon Anderson, Risk Management backup system so you don’t have to pay any ransom. It’s
Analyst for The Trust, and Albert Magallanez, Director of a system not on district premises that is not connected to
Technology Services for Continental Elementary School the district’s server. It is completely separated.
District, gave AASBO members an idea of how cyber
insurance trends impact school districts. “The information you give us stays with us,” she said.
“We help you get safe. You can work directly with us
“Hope for the best – expect the worst.” and we will help you. We have a lot of resources.”
– Wes Gates Gates explained that The Trust has expanded its Cyber
Outreach Program to assist members and is increasing
Gates made it clear that cyber crime is not going away its staff. In addition, The Trust is introducing pre-
and that it figures to get worse. In a breakout session at conditions of coverage for the 2022-2023.
the AASBO Summer Conference in Tucson, he said it’s
not a case of if a district will be victimized, but when. “The benefits of being in a pool is that The Trust is working
The potential impact on a district will depend on the closely with its reinsurers to get the most favorable
level of cyber insurance you have, Gates said. coverage and rates for its members without the severe
Several recent examples of significant cyber attacks impact of the current insurance market,” Gates said.
nationally were cited, with a new record being set every
year. As of July, there were 54 additional significant He mentioned several cyber security services The Trust
cyber incidents this year, and 65,000 ransomware attacks offers, all of which are intended for IT managers, with
expected in 2021. most recommended for business managers and risk
managers as well.
Commenting on cyber insurance trends, Anderson said,
“Cyber is the most volatile and fastest changing line They focus on cyber risk assessment; cyber security
of insurance from a premium, structure, wording, and incident response planning; virtual chief information
claims standpoint. Cyber insurers are implementing security officer services; cyber education and awareness;
significant pricing and underwriting actions.” IT policy templates, and vulnerability assessments.
She said most carriers are reducing capacity and limits AASBO members were assured that assessing their cyber
and “cherry-picking” clients, and some are not renewing vulnerability would not adversely affect their insurance rate.
coverage for some clients.
“Ransomware now accounts for 75% of cyber claims,” Magallanez, of Continental Elementary School District,
Anderson said. told of an incident where a hacker created a legitimate
gmail account and posed as a teacher. The hacker started
Because cyber incidents are growing in sophistication, a simple correspondence with a payroll person, and then
frequency, and are more costly, Anderson said The Trust wanted to make a change for direct deposits.
recommends that school districts increase their cyber awareness
and maintain strict compliance with cyber security policies. Magallanez said it didn’t look suspicious, so the payroll
CONTINUED ON PAGE 22
21
