Skip to main content
close search
site logo
Dive Brief

Senators' K-12 Cybersecurity Act would mandate national study of school practices

Published Dec. 18, 2019
Roger Riddell's headshot
Senior Editor
An illustration of cyber security, showing a padlock over a circuit board.
Getty

Dive Brief:

  • Sens. Gary Peters (D-Michigan) and Rick Scott (R-Florida) on Monday introduced the K-12 Cybersecurity Act of 2019, which would mandate a national Department of Homeland Security review of public school cybersecurity policies, according to a release.
  • If passed and signed into law, the legislation would give the department's Cybersecurity and Infrastructure Security Agency a year to produce a study on cybersecurity threats to the nation's public schools, examining districts’ technology inventories, cybersecurity funding potential risks to student and teacher data.
  • Following the initial study, DHS would then have nine months to establish guidelines and three months to develop tools and resources to safeguard institutional and student data from cyberthreats like ransomware, which have plagued schools and districts in an environment with limited funding and resources to address them.

Dive Insight:

The K-12 Cybersecurity Act's introduction comes at a time of rising attention to just how vulnerable the massive amount of data collected by schools and districts really is. 

It was reported in 2016 that education faced the highest ransomware attack rate of any industry, and it has only become a bigger target in the years since as more schools embrace student information systems and other data analytics tools.

A report released earlier this year by the K-12 Cybersecurity Resource Center counted 122 cybersecurity incidents at K-12 schools in 2018, though report author and EdTech Strategies President Doug Levin suggested to EdSurge as many as 20 times as many incidents were unreported.

A September 2018 public service announcement from the FBI also warned schools are at increased risk of cybersecurity attacks, and Verizon’s 2016 Data Breach Investigations report ranked the education sector sixth overall in the U.S. for total number of “security incidents.”

Untrained staff and students remain the weakest link in the cybersecurity chain, as it takes just one click on the wrong link to compromise the entire system. But these systems also need to have safeguards in place to thwart malicious software if it does find its way in — and the funding and resources too often just aren't there to make that possible. This is especially true for smaller districts.

Many K-12 cybersecurity advocates hoped the recent modernization of the Federal Communications Commission's E-rate program would add coverage for cybersecurity services. While it wasn't included in this round of updates, Commissioner Michael O'Riley suggested it would still be in consideration for the future.

In the long run, growing attention to the severity of the issue only increases the likelihood it will ultimately be addressed through that avenue or legislation like the K-12 Cybersecurity Act.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
Enrollment Now Open for VHS Learning Online High School Courses
From VHS Learning
October 24, 2024
Dallas Independent School District Approves CoderZ and RoboX For Pre-engineering and Robotics …
From Intelitek
November 05, 2024
VHS Learning Among 136 Organizations Committed to Advancing Computer Science Education through…
From VHS Learning
November 04, 2024
Ulster BOCES Opens Application for Conference “Deep Dive” Session Facilitators
From Ulster BOCES
October 29, 2024
Editors' picks
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell