The education sector currently faces the highest volume of cyberattacks of any sector, with 60% of educational institutions (higher and lower) suffering ransomware attacks in 2021. Cyberattacks are a source of significant cost and can cause major disruption to school operations, which was the case of the recent attacks at UMass and Baltimore County Public Schools. The UMass Lowell attack shut down the campus for nearly a week, and Baltimore County Public Schools spent more than $8.1 million to recover from its security breach – only a portion of which was covered by cyber insurance

K-12 administrators are also facing mounting pressure from the federal government to address cybersecurity gaps in its infrastructure that could place student privacy at risk. Following a recent study of cybersecurity in K-12 schools in which the US Government Accountability Office (GAO) determined that Education should take additional steps to protect K-12 schools from cyberattacks, Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) was tasked to review its K-12 cybersecurity plans. Further, the recently-passed K-12 Cybersecurity Act also tasked CISA to create new K-12 cybersecurity guidelines. While these tasks signal federal recognition of the growing cyber threats in education, neither report has resulted in mandated security standards. 

While the federal government has not yet mandated minimum security requirements, higher and lower education institutions are facing the need to improve security from another source: cybersecurity insurance (or “cyber insurance”). However, many institutions are finding that cyber insurance premiums continue to rise to extremely high costs due to the continued increase in cyberattacks.

Finding cost savings on cyber insurance with MFA

The growing risk of attack is driving up cyber insurance premiums, which have spiked by as much as 300% in targeted industries such as education. The higher premiums don’t mean higher cyber insurance coverage, and in fact, administrators are finding themselves facing lower coverage limits. This is also only if schools can find an insurer who will cover them: four in ten schools say fewer cyber insurance providers are offering them coverage than a year ago.

To combat the risk, most insurance carriers are adopting new minimum standards for security, and 49% of schools report facing an increase in the minimum level of cybersecurity they must put in place in order to qualify for cyber attack insurance. 

One of the most universally-required minimums is multi-factor authentication (MFA).

Higher education and K-12 schools looking to maintain or apply for cyber insurance will now need to implement MFA – and in some cases phishing-resistant MFA depending on the cyber insurance provider – or face being denied coverage. These new requirements, if not met, could expose a school to significant financial risk if targeted by hackers, phishing attacks, or ransomware attacks. 

Unfortunately, educational institutions face significant barriers to MFA adoption, from training challenges to budget pressures. While there is a strong push to expand E-Rate funding for cybersecurity investments, it is important to come up with a plan to rollout MFA in a way that balances security with resource challenges and end-user flexibility, while ensuring there are no gaps in MFA coverage. 

The good news is that for those organizations that are proactively implementing MFA for the upcoming 2022-2023 year, significant cost savings can be found not only in avoiding costly cyber attacks and saving IT time on costly password resets, but also on premiums. “The more your insurer trusts your cybersecurity infrastructure, the more likely you are to pay a lower premium, especially if you’re aligned with all government regulations,” notes J.P. Pressley in a recent EdTech article.

For more on how to build a flexible and resilient MFA program in education, read our latest whitepaper: Graduating from legacy MFA to modern authentication. For more information on cyber insurance premiums and cyber security insurance requirements, check out our recent webinar here.

The post New cyber insurance requirements place high demands on education appeared first on Yubico.


VaultumCity is the best trusted place to select and buy your best Yubikeys, Vaultumcity free ship all yubikeys, Vaultumcity is reseller distributor of yubikeys so you can find cheapest best yubikey in Vaultumcity. If you are looking for best Yubikeys in Singapore at VaultumCity website online store.

The shop that sells yubikeys is

Our delivers are from Singapore, distribute globally. Buying Yubikey in Vaultum to have best customer and after sales services. All Yubikeys sold at Vaultumcity are quality guaranteed. Please place a large amount order to have great discount for reseller. Contact Vaultumcity at whenever you have any issue with your yubikeys. Buying yubikeys at Vaultumcity to have best newest yubikeys free shipped to your door, FIDO2 U2F SECURITY KEY C NFC, FIDO2 U2F SECURITY KEY NFC, YubiKey 5 Nano, YUBIKEY 5 NFC, YubiKey 5C, YubiKey 5C nano, YubiKey 5C NFC, YUBIKEY 5Ci, YubiKey Bio – FIDO Edition. Yubikeys are best most secure tools for two-factor authentication. You can also buy yubikeys form Malaysia, Yubikey Malaysia is being sold at Vaultumcity with great price and free ship, you have it fastest, just in few days because we’re here in Singapore.

If you are looking for yubikeys in Indonesia, Vaultumcity is a great place to buy yubikey Indonesia, you can have yubikeys to protect your logins in just few days. Vaultumcity ship your yubikeys to your home in Thailand, to help ensure your data is safe and secured.

What about South Korea, Vaultumcity bring your yubikeys to your home in South Korea free-shipped.

Vaultumcity also delivers yubikeys to Japan, any province or city to your hands. Check out and grab your best suited yubikey today at VaultumCity.