This article was originally published on Government Technology on 3.11.24 by Charlie Sander, CEO at ManagedMethods.
From new laws to the K-12 “SIX Essentials Series,” the NIST framework and assessments from the Department of Homeland Security, schools have state backup and abundant resources at their disposal to combat cyber threats.
As parents, educators and policymakers, we are constantly grappling with the evolving landscape of cybersecurity threats facing our school districts. From data breaches to ransomware attacks, the threats and vulnerabilities that our educational institutions are facing demand a coordinated response.
But where do school districts turn for support in bolstering their cybersecurity defenses when it seems like a losing battle? Let’s delve into the areas of assistance that state governments can offer to fortify our schools against digital threats.
The Federal Support Landscape
As explained in a Dec. 14 column in The Conversation by Nir Kshetri, a professor of management at the University of North Carolina – Greensboro, the White House unveiled a comprehensive strategy in August 2023 to enhance cybersecurity in K-12 schools, brought about by increasing pressure and some alarming statistics. In the five-year period from 2018-2023, the U.S. education sector experienced 386 documented cyber attacks, resulting in a staggering $35.1 billion in losses, with K-12 institutions bearing the brunt of these assaults.
The White House spearheaded the initiative and got other federal agencies with cybersecurity expertise on board, notably the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Communications Commission (FCC) and the FBI. As part of this initiative, the FCC tabled a pilot program proposal earmarking $200 million over three years to fortify cyber defenses. However, given that K-12 schools are underfunded by an estimated $150 billion annually in the U.S., one has to question whether this falls short of comprehensive coverage.
The outlined expenses above encompass hardware and software procurement, consultancy services, rigorous testing protocols, and the recruitment of data protection specialists to thwart cyber threats. Continuous training remains imperative to counter evolving risks, as technological advancements prompt cyber criminals to adapt their tactics to exploit vulnerabilities in digital systems…
