Return to Headlines

Educational Services Commission of New Jersey Helps Safeguard School Districts from Cyberattacks

New Service Protects Digital Information; Meets Tougher Cyber Liability Insurance Requirements

PISCATAWAY – December 27, 2021 – Cybersecurity attacks have reached alarming proportions, with 160 percent more data breaches recorded from 2020 to 2021.

New Jersey’s school districts are not immune. Many have become targets of ransomware, a type of malicious software that locks up critical computer files until the victim pays a hefty ransom.

In response, the Educational Services Commission of New Jersey (ESCNJ) is helping school districts improve their defenses against cyberattacks.  It is part of the specialized school district’s professional consulting services to school districts and local governments from its main campus in Piscataway.

“Our new program, the ESCNJ Cybersecurity Framework, combines written policies with security awareness training and technology tools to help school administrators enhance their cybersecurity strategies,” explained ESCNJ Schools Superintendent Mark Finkelstein. “We created this framework in consultation with insurance companies, state officials and industry experts to provide a cost-effective response to the growing cybersecurity threat.”

Kevin Dellicker, a consultant with Dellicker Strategies, has been working with ESCNJ to develop the framework. He pointed out that cyberattacks are happening more frequently and with more expensive consequences to public entities.

“Protecting digital information requires a culture change in the K-12 community,” Dellicker said. “Effective cybersecurity requires a district-wide response. Technical fixes, alone, are no longer enough.”

ESCNJ provides a host of services and solutions related to cybersecurity through its cooperative purchasing program.  School districts and other government entities can hire consultants to run vulnerability scans and penetration tests, establish incident response plans and implement data defense solutions.

There is no one-size-fits all solution, but most school districts often need to implement the same strategies to protect data.

“Every school district should have a written plan for information security,” Finkelstein said. “The ESCNJ Cybersecurity Framework guides school districts and ensures they are using proven and tested methodologies to keep information secure.”

Insurance companies are also fighting back against cyberattacks with more directives to policy holders. For example, they are requiring school districts to have multifactor authentication, endpoint detection and response, documented staff training and a system backup, Dellicker noted.

The ESCNJ Cybersecurity Framework helps school districts meet these upgraded cybersecurity protections that must be in place by June 30, 2022 for most cyber liability insurance renewals. Timing is of the essence; just meeting the minimum requirements typically takes 3-6 months to complete.

“This framework is our latest service offering through the co-op, as we continue to adjust and respond to the pressing needs of school districts,” Finkelstein said. “Cyberattacks are only going to grow in frequency and, together, we must be protected.”

To learn more, visit