K12 SIX Launched to Strengthen Cybersecurity in Primary and Secondary Education

Written By Pat McGlone

Herndon, VAOctober 22, 2020Kindergarten Through Twelfth Grade Security Information Exchange (K12 SIX), a non-profit member community has launched to advance cyber resilience for public school districts and private school organizations in the United States.

By offering analysis on relevant threats and a secure collaboration platform for IT and security staff, K12 SIX allows the primary and secondary education sector to defend itself from cyberthreats through collective warning and mitigation.

“The education sector has been under consistent attack, which has been exacerbated by virtual learning due to COVID-19,” said Mark Orsi, president of Global Resilience Federation, the parent company of K12 SIX. “Schools have been targets of opportunity for cyber threat actors because of the important role they play and their understandable budgetary focus on education rather than security. K12 SIX was launched to help lift up the cybersecurity of the education sector in the face of these unprecedented digital assaults.” 

In the K12 SIX community, members have access to alerts on emerging threats, reports on trending security topics, documents on best practices and procedures, and the means to securely engage peers and K12 SIX staff security analysts.

Members participate in calls with K12 SIX analysts and have access to a security newsletter covering current risks and resources. Members are also enrolled in an emergency notification system to flag major, unfolding threats by phone, email and SMS if urgent action is needed.

The K12 SIX staff have access to dozens of public and private data sources and analytic tools to provide tactical analysis, critical alerts and strategic context for the community, but members are also encouraged to share cyber threat information, to broaden the community’s security awareness. School district staff can provide details on incidents or recovery techniques and are able to do so with attribution or anonymously.

The details relevant to security practitioners in the community do not include Personally Identifiable Information or any information that would identify a school or district. Examples of relevant Indicators of Compromise (IOCs) shared by the community include malware signatures, software vulnerabilities, malicious email subject lines, etc. However, to ensure liability protection and fidelity of reputation, the community operates under a classification system so that submitters control how their information is disseminated. As an added precaution, K12 SIX staff also redact unneeded details before disseminating alerts to the wider community.

“By working together in a collaborative and secure way, we can increase warning and resilience, mitigate attacks and speed recovery,” added Orsi. “Hackers are crowdsourcing knowledge and tools to make their attacks more effective. School districts and organizations must do the same if they hope to keep students learning and protect the valuable information they hold on families, educators, staff, and administrators.”

K12 SIX is providing a free one-year membership to the first 100 school districts that join. Contact Cynthia Camacho at ccamacho@grf.org with questions.

You may also learn more about cyberthreats targeting education and plans for K12 SIX during The State of K-12 Cybersecurity panel at the Global Resilience Federation Summit on Security & Third-Party Risk on November 5. Preregister for complimentary access: https://grf.org/virtual-summit-overview.


###

About K12 SIX
Kindergarten Through 12th Grade Security Information Exchange (K12 SIX) is a cyber threat intelligence sharing hub for school districts, to aid in preventing and mitigating cyber-attacks. This non-profit member community is a cost-effective forum for crowdsourcing security information among a vetted, trusted group of professionals with a common interest, using common technology and with supporting, independent analysis from the K12 SIX security staff. Visit www.k12six.org to learn more. K12 SIX is a member of the Global Resilience Federation multi-sector network of information sharing communities. Media questions may be directed to Patrick McGlone at pmcglone@grf.org.

The K12 SIX secure collaboration platform was co-built with Cyware Labs, which has committed significant resources to support the community.

Pat McGlone
Previous

K-12 Cybersecurity Breaches Worse Than Reported at Federal Level
Next

Working Together to Stay Cyber-Secure During a Pandemic