K12 SIX Applauds Landmark Federal Report on Cybersecurity Risks Facing U.S. K-12 Schools
K12 SIX applauds the release of “Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats” by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The report, mandated by the K-12 Cybersecurity Act of 2021, clearly and concisely communicates the unique cybersecurity challenge the U.S. K-12 education sector is facing and recommends common sense steps that education leaders—including superintendents, school board members, and state policymakers—can take to bring about needed change.
K12 SIX has cataloged more than 1,300 K-12 cyber incidents since 2016, resulting in school closures, student and educator data breaches, and the theft of millions of dollars. Due to a lack of federal and state public reporting requirements, this figure—as alarming as it is—understates the magnitude of the challenge facing school districts. The unfortunate reality is that most school systems lack the personnel, resources, and expertise to adequately defend their school communities from evolving cybersecurity threats.
As the CISA report recommends, school district leaders should take immediate action to shore up their cyber risk management practices, including by implementing essential cybersecurity protections like multifactor authentication and participating in a threat information sharing community of peers like K12 SIX.
For those school districts looking for additional support and guidance, CISA recommends resources available to school systems, including K12 SIX’s K-12 cyber incident response runbook, which is freely available to the K-12 community on the K12 SIX website alongside other resources and tools in the K12 SIX Essentials Series.
“Given the steady drumbeat of ransomware, targeted scams, and data breach incidents plaguing school systems from coast to coast, CISA’s report and guidance comes not a moment too soon,” said Doug Levin, Director of K12 SIX. “Nonetheless, its publication is only one step in a much longer journey toward school system cyber resilience. K12 SIX pledges to continue to serve as a leading advocate for defending students, teachers, and school communities from cyber threats, and to work in partnership with all others who share this vital mission.”