Cybersecurity Compliance is Only Half the Battle for EdTech

TechCrunch recently reported on accusations levied by the Federal Trade Commission against edtech giant Chegg – the FTC filed a legal complaint earlier this week indicating that Chegg’s lapses in cybersecurity compliance has resulted in numerous separate data breaches in recent years, and that these breaches were avoidable with better cybersecurity practices.

Sai Huda, CEO of CyberCatch, explains that cybersecurity compliance is only the first step in ensuring data security for edtech customers. The knack is ongoing maintenance and management of those security systems to identify and plug holes as needed – with thousands of attacks levied against educational institutions, hackers will always find vulnerabilities and exploit them.

Sai’s Thoughts

“Along with that, there’s gotta be two other things they’ve gotta do. One is they’ve gotta test those controls regularly. So just implementing the hundred eight controls and thinking you’re in compliance, it is just step one, the step 2, 3, 4, 5, 6, 7, 8, 9, 10 are to continuously test those controls because controls will break.

So, the key is to find those control failures, those security holes before the attackers do, and then plug them, and therefore the attackers will not be able to exploit those security holes and will not be able to be successful. The third thing the school sector must do is to have an incident response plan because it’s not a question of if, but when an incident will happen.

So the key is to be able to detect this incident and then to be able to respond so that damage is mitigated so that perhaps ransomware isn’t spread. Perhaps it can be curtailed. Data can be prevented from being stolen. Incident response plan is also key, and it must be implemented. That’s the way to be successful.

K12 schools are definitely in line of sight of attackers. CyberCatch scanned over 11,000 websites, internet facing assets of K-12 schools in the US and we found over 60% having vulnerabilities attackers can easily exploit break in, install ransomware and steal data.

So, this along with the FTCs order, should be a wakeup call for the whole K-12 sector to be proactive.”

Follow us on social media for the latest updates in B2B!

Image

Latest

talent
Grow Your Own Talent: How McDonald’s and Skilltrade Are Building a Culture of Lifelong Learning
October 7, 2025

The world of work is changing faster than ever. Automation is reshaping jobs, new technologies are rewriting what “qualified” means, and a new generation of workers is redefining what they expect from employers. From fast food to healthcare, companies are realizing they can’t just hire talent — they have to build it. They’re starting to…

Read More
The Tesla Test-How AI is Changing How We Search Video
The Tesla Test: How AI is Changing How We Search Video
October 7, 2025

In this episode of Secured, Mike Monsive sits down once again with Idan Koren, EVP of Marketing at Verkada, to discuss how artificial intelligence is transforming the landscape of physical security, operational efficiency, and the broader business of technology. The conversation begins with Verkada’s groundbreaking integration of natural language search in video surveillance —…

Read More
workforce education
Finding the North Star for Adult Learning: How UTI Is Redefining Workforce Education for Today’s Talent Needs
October 7, 2025

In a world where rapid technological change is redefining how we live, work, and learn, the demand for skilled labor and lifelong learning has never been higher. From electric vehicle repair to advanced diagnostics in healthcare, the U.S. faces a widening talent gap in the skilled trades and allied health industries. According to the…

Read More
child advocacy
Child Advocacy in Action: How CASA Sustains Impact Through Volunteerism and Vision
October 7, 2025

Across the United States, roughly 390,000 children are living in foster care, each facing the challenges of navigating the child welfare and court systems. Nonprofits working in this space carry the dual responsibility of supporting children’s emotional needs while also sustaining the funding and partnerships that make child advocacy possible. This raises a pressing…

Read More