Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Education Dept Urged to Boost K-12 Schools’ Ransomware Defenses

US Education Dept Urged to Boost K-12 Schools’ Ransomware Defenses

The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks.

The call for action comes from US Senators Maggie Hassan (D-NH), Kyrsten Sinema (D-AZ), Jacky Rosen (D-NV), and Chris Van Hollen (D-MD).

It was prompted by a Government Accountability Office (GAO) report released on Friday, assessing the Education Dept’s current plan for addressing K-12 school threats — issued in 2010 — to be significantly outdated and primarily focused on mitigating physical threats.

“K-12 schools are increasingly coming under cyberattacks from a diverse set of actors, driven largely by the rapid rise of ransomware,” the four US Senators said.

Also Read: How PII Data Works In Businesses And Its Advantages

“According to a database of publicly reported cybersecurity incidents at K-12 schools, 2019 saw almost three times more incidents than 2018 and 2020 saw a further 18 percent increase over 2019. These incidents include ransomware attacks on school districts in New Hampshire, Nevada, Arizona, and Maryland.”

For context on the impact of ransomware on US education institutions throughout 2021, ransomware attacks have disrupted education at roughly 1,000 universities, colleges, and schools since the start of the year, according to Emsisoft threat analyst Brett Callow.

While this number is lower than in 2020 (when 1,681 education institutions were hit), it’s mostly because ransomware attacks have hit smaller school districts this year.

Recommendations and measures to bolster K-12 cybersecurity 

GAO found that the two government agencies have provided K-12 schools with programs, services, and support (e.g., incident response assistance, network monitoring tools, and guidance for parents and students) designed to help defend themselves from these ongoing attacks.

However, it’s more than evident that K-12 education needs additional support, as shown by the growing number of successful cybersecurity breaches affecting K-12 schools.

To address this issue, GAO asked the Department of Education to schedule a meeting with the Cybersecurity and Infrastructure Security Agency (CISA) to decide how to update its sector-specific risk mitigation plan and determine if sector-specific guidance to address cyber threats is needed.

“We strongly agree with the GAO recommendations for the Department of Education, working with DHS’s Cybersecurity and Infrastructure Security Agency (CISA), to update the Education Facilities subsector-specific plan and determine if subsector-specific guidance is needed, and we are glad to see that the Department of Education concurred with the recommendation,” the Senators added (PDF).

Also Read: How To Check Data Breach And How Can We Prevent It

“An updated subsector-specific plan will help the Department of Education and DHS effectively prioritize the risks, cyber and otherwise, to the Education Facilities subsector, while subsector-specific guidance would help K-12 schools better use existing cybersecurity frameworks and implement best practices.”

The two agencies were also urged to establish a coordination council for education facilities to encourage better coordination between federal, state, local entities, and private sector groups that support K-12 schools.

According to the Senators, this would further strengthen their protection against cyberattacks, just as it happened in the case of the Election Infrastructure subsector.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us