As part of the Forefront Events national K-12 school roadshow, AARNet supported the recent ICT in Schools Summit VIC 2024 held in Melbourne.

ICT in Schools summits bring together senior IT leaders, principals and business managers from the K-12 community to share knowledge and exchange ideas around the opportunities and challenges of integrating technologies to improve service delivery, cyber security, and data management.

Panel discussion

AARNet’s Security Services Portfolio Manager, Nick Cross, moderated a panel discussion emphasising the importance of taking an holistic approach to cyber security for schools and for safeguarding against threats. The panel was comprised of senior ICT representatives from Victorian schools. They shared their varying levels of progress in maturing their cyber security strategies and the challenges they face in developing processes to protect their faculty, staff and students.

A key takeaway from the session was the shift in perception regarding cyber incidents. Schools no longer view these threats as mythical. With a growing number of cyber attacks on large organisations, universities and schools reported in the media, senior leaders are now recognising the very real risks. It is evident that the question is not if, but when a school will be targeted.

The session also highlighted some best practices for governance and risk management. Recommendations included risk governance be managed at a senior level, such as by the principal or school board, rather than being overseen solely by IT managers, as is common in many schools.

Participants discussed the challenges of navigating the constantly evolving cyber security landscape. They highlighted issues such as the expanding definitions of personally identifiable information (PII), the increasing sophistication of social engineering attacks, and the need for solutions that ensure their systems and training can keep pace with these changes.

Tools to help schools

To mitigate some of these issues, the panel suggested several options. These included utilising external Security Operations Centre (SOC) providers to manage incident monitoring and free up internal staff resources, conducting tabletop simulation exercises to help prepare staff, and seeking third party assessments to identify any security deficiencies in systems or processes.

AARNet will be participating in the upcoming ICT Schools Summits in Brisbane on 18 July and Perth on 13 November.