There is no more important institution to the future prosperity and strength of the United States than our nation’s K–12 education system. K–12 schools and school districts have adopted advanced networking technologies that facilitate learning and make schools more efficient and effective. This technological gain, however, has introduced heightened risks. Malicious cyber actors are targeting K–12 education organizations across the country, with potentially catastrophic impacts on students, their families, teachers, and administrators.
The K–12 cybersecurity challenge was exacerbated by the COVID-19 pandemic, which significantly tested the nation’s education system, necessitating an unexpected pivot to virtual learning that rendered our K–12 educational institutions increasingly vulnerable as new technologies were adopted on an unprecedented scale. Cyberattacks, and the threat thereof, strained resources and impacted delivery of critical education services across the nation. This has placed an untenable burden on our educational institutions and the populations that they serve and protect — children, parents, and educators. A continuing drumbeat of cyber intrusions is threatening the nation’s ability to educate our children while also placing personal information and school data at risk.
Congress recognized this heightened risk environment by enacting the K–12 Cybersecurity Act of 2021 (“The Act”), which required the Cybersecurity and Infrastructure Security Agency (CISA) to report on cybersecurity risks facing elementary and secondary schools and develop recommendations that include cybersecurity guidelines designed to help schools face these risks. Our resultant report provides insight into the current threat landscape and the K–12 community’s capacity to prevent and mitigate cyber-attacks. Recommendations throughout this report are informed by insights from policymakers, government officials, and members of the K–12 community. These recommendations are presented with a caveat: change must come from the top down. Leaders must establish and reinforce a cybersecure culture. Information technology and cybersecurity personnel cannot bear the burd ..
Support the originator by clicking the read the rest link below.