Resources to help institutions with cybersecurity response plans
February 22, 2023
To help institutions with data security efforts, the Department of Education has provided new guides for developing Incident Response Plans and for sanitizing media.
In a February 16 Electronic Announcement, the Department announced the availability of two new factsheets on how to establish an Incident Response Plan (IRP) and the importance of data sanitization.
According to the Department, an IRP, in the event of a cyberattack, mitigates risk and limits damage by establishing plans, procedures, roles, and responsibilities. To learn more, create, or strengthen an institution’s IRP, visit FSA’s Cybersecurity Incident Planning for Institutes of Higher Education factsheet.
The Department also reminded schools that physical documents, mobile devices, external hard drives, USB drives, memory devices, and computers can harbor abundant sensitive student data. If not properly disposed of, confidential data may be wrongly disclosed. FSA’s Media Sanitization and Disposal Best Practices factsheet details how to permanently destroy media to protect confidential personal data and proprietary information.
Anyone with questions about the announcement or the factsheets should contact FSASchoolCyberSafety@ed.gov.