Cybersecurity Compliance is Only Half the Battle for EdTech

TechCrunch recently reported on accusations levied by the Federal Trade Commission against edtech giant Chegg – the FTC filed a legal complaint earlier this week indicating that Chegg’s lapses in cybersecurity compliance has resulted in numerous separate data breaches in recent years, and that these breaches were avoidable with better cybersecurity practices.

Sai Huda, CEO of CyberCatch, explains that cybersecurity compliance is only the first step in ensuring data security for edtech customers. The knack is ongoing maintenance and management of those security systems to identify and plug holes as needed – with thousands of attacks levied against educational institutions, hackers will always find vulnerabilities and exploit them.

Sai’s Thoughts

“Along with that, there’s gotta be two other things they’ve gotta do. One is they’ve gotta test those controls regularly. So just implementing the hundred eight controls and thinking you’re in compliance, it is just step one, the step 2, 3, 4, 5, 6, 7, 8, 9, 10 are to continuously test those controls because controls will break.

So, the key is to find those control failures, those security holes before the attackers do, and then plug them, and therefore the attackers will not be able to exploit those security holes and will not be able to be successful. The third thing the school sector must do is to have an incident response plan because it’s not a question of if, but when an incident will happen.

So the key is to be able to detect this incident and then to be able to respond so that damage is mitigated so that perhaps ransomware isn’t spread. Perhaps it can be curtailed. Data can be prevented from being stolen. Incident response plan is also key, and it must be implemented. That’s the way to be successful.

K12 schools are definitely in line of sight of attackers. CyberCatch scanned over 11,000 websites, internet facing assets of K-12 schools in the US and we found over 60% having vulnerabilities attackers can easily exploit break in, install ransomware and steal data.

So, this along with the FTCs order, should be a wakeup call for the whole K-12 sector to be proactive.”

Follow us on social media for the latest updates in B2B!

Image

Latest

student success
The AI-Powered Edge in Education: How LearningClues Is Enabling Student Success with Co-founder and CEO Dr. Perry Samson
June 30, 2025

As AI continues to reshape education, institutions face a growing challenge in ensuring students succeed without compromising engagement or integrity. Today’s college students are often juggling jobs, family, and coursework, leading to limited study time and increased dropout risk. According to the National Center for Education Statistics, 40% of full-time undergraduates and 74% of…

Read More
AI Strategist
Why Enterprises Need an AI Strategist and Why It Should Be a Marketer
June 30, 2025

In this episode of The Marketing AI SparkCast, Aby Varma, founder of Spark Novus, a leading consultancy that partners with marketing leaders to adopt and scale AI responsibly and strategically, talks with Nicola Smith, Senior AI Programs Advisor at Southwest Airlines. They explore how enterprises can move beyond tool experimentation to embed AI into…

Read More
first 90 days
HealthSearch Partners’ Neill Marshall and Kurt Mosley Urge New CEOs to Listen First, Diagnose Early, and Lead with Purpose in the First 90 Days
June 30, 2025

CEO turnover across U.S. hospitals is accelerating. Hospitals and health systems announced 146 CEO changes in 2023—a 42 percent increase over the 103 exits recorded in 2022, according to a Challenger, Gray & Christmas report. As more leaders transition into new roles, the importance of making a good first impression has intensified. The early…

Read More
tech talent
The DisruptED World of Tech Talent with TEKsystems: Future-Proofing the Workforce Through Inclusive Hiring and Non-Traditional Education
June 27, 2025

In a workforce reshaped by automation, accelerated AI adoption, and persistent labor shortages, the demand for skilled tech talent has never been more urgent—or more difficult to meet. The traditional pipelines, namely college degrees and four-year institutions, are no longer producing enough candidates to meet the explosive growth in tech roles. With tech jobs…

Read More