SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Flashpoint unveils security offering for school boards
Mon, 20th Jun 2022
FYI, this story is more than a year old

Flashpoint has released its K-12 risk management and security offering to provide school boards and education security practitioners with tools to recognise, prevent and manage cyber and physical threats.

The threat, vulnerability and risk intelligence company notes that threat actors are increasingly targeting schools with ransomware and DDoS attacks, causing school systems to become the victims of data breaches and email compromise schemes.

This results in devastating impacts on K-12 operations across the US, along with teachers, students, parents and vendors.

“Schools increasingly are facing a confluence of cyber and physical threats that have to be addressed holistically,” Flashpoint global public sector sales vice president Steve Cooperman says.

“Flashpoint is the only joint threat intelligence solution that can quickly help schools better protect their students and personnel in both the cyber and physical realms, reducing risk everywhere.

“Our K-12 risk management and security solutions are specifically designed to address the unique threats facing school boards nationwide, which cost taxpayers millions of dollars and far too often put the livelihoods of students, parents, and school personnel at risk.

To combat this, Flashpoint is partnering with leading school systems in the US to provide its new K-12 offerings.

These include:

Ransomware readiness and response

Flashpoint notes that K-12 schools are often targeted by ransomware groups who disrupt network and communication systems and encrypt sensitive information such as the personal and financial data of students, their families and school employees in exchange for a ransom payment.

Flashpoint's latest offerings assist K-12 schools in quickly identifying how widespread an attack is in the event of cyber extortion and implementing a response plan to mitigate the impact.

The company notes that as part of any organisation's overall risk landscape, plans and policies have to be tested to ensure their readiness if an attack is to take place and to address this, Flashpoint works with schools to create contingencies such as establishing a process to ensure payments can be made securely and quickly.

Brand exposure protection and domain monitoring

Flashpoint's offerings can also be used to identify fake or duplicate social media accounts that may be targeting a K-12 school's name and brand and also help to eliminate threats including typosquatting, enabling users to take action through takedown services.

In addition, the Flashpoint Intelligence Platform also offers insight into whether the brand is being impersonated through logo detection via Optical-Character Recognition (OCR) and machine learning technology.

Preventing account takeover (ATO)

Flashpoint's Intelligence Platform helps school risk management and security teams find school-affiliated email credentials that have been exposed and identify whether or not they're being sold within illicit communities across the deep and dark web (DDW).

It also affords schools the ability to flag these accounts, reset passwords, and restrict permissions to prevent threat actors from accessing sensitive data while mitigating the risk of ATO.

Coordination with law enforcement

These offerings assist schools in introducing a range of standard operating procedures into their risk remediation program, including knowing when and how to involve law enforcement quickly and effectively in a scenario requiring that level of response.

Threat actor monitoring and intelligence

Further, the company helps schools to rapidly identify threat actor groups that are actively using stolen data or involved in malicious activity against assets, personnel, or the community and helps risk management security teams to easily understand the most important context surrounding threat actors such as affiliates, history, and tactics, techniques and procedures (TTPs), which can result in DDoS attacks, Business Email Compromise (BEC) scams, and other potentially detrimental schemes.

Flashpoint's offerings enable schools to set up custom alerts, prioritise remediating security issues and managing them promptly, and prepare for the future.

Vulnerability intelligence and prioritisation

The company gives schools education security professionals with comprehensive vulnerability intelligence, including over 93,000 vulnerabilities that cannot be found in the CVE and NVD.

Its VulnDB offering allows schools to receive alerts of newly disclosed vulnerabilities in their software ecosystem approximately two weeks faster than the public source.

Combining this with enriched metadata means security professionals can use VulnDB to recognise, prioritise, and remediate the vulnerabilities that may pose the biggest threat to their data, assets and infrastructure.

Flashpoint's new cyber and physical security intelligence solutions for K-12 schools are available immediately.