HomeWorldAmericasCISA Helps Secure K-12 Education

CISA Helps Secure K-12 Education

Published on


Over the past four years, threat actors have targeted K-12 institutions’ computer systems to spread ransomware, interrupt access, render systems unusable, and steal students’ and staff’ financial, medical, and Social Security numbers.

The K-12 Cybersecurity Act of 2021 directed CISA to review cyber risks to elementary and secondary schools, evaluate challenges schools and school districts face in securing information systems, provide recommendations on improving system protection, and develop an online training toolkit for school officials.

Most K-12 education stakeholder organisations lack the time and resources to secure information systems and sensitive student and employee records or implement cybersecurity protocols.

Most said that the breadth of cybersecurity information—news coverage, conference panels, webinars, and more—only confused matters. According to CISA, “Nearly all said that they wanted simplicity, prioritising, and resources targeted to the unique needs and context of K-12 organisations”.

CISA recommends establishing multi-factor authentication (MFA), fixing known vulnerabilities, making backups, and implementing cyber incident response plans and cybersecurity training programmes.

The agency’s investigation into K-12 cybersecurity found that many school districts lack IT resources and cybersecurity capacity, which can be addressed by using free or low-cost services, asking technology providers for strong security controls at no additional cost, migrating IT services to more secure cloud versions, and taking advantage of the State and Local Cybersecurity Grant Program (SLCGP).

K-12 institutions cannot detect and prioritise new threats, risks, and vulnerabilities alone, thus CISA recommends they join relevant cooperation groups, work with other information-sharing organisations, and collaborate with CISA and FBI regional cybersecurity specialists.

The organisation advises K-12 institutions to invest in the most effective security measures to eventually develop a mature cybersecurity plan. CISA’s Cross-Sector Cybersecurity Performance Goals should guide their investments (CPGs).

CISA’s Digital Toolkit includes these suggestions’ resources and assistance for stakeholders. The toolkit contains extra materials to help stakeholders create, administer, and sustain a robust cybersecurity programme at their institution.

Info source – Securityweek

Latest articles

Malaysia Average Salary Insights: Fresh Graduates and Inflation

In Malaysia, determining the average salary for fresh graduates has become an increasingly pressing...

Just For Thought: Current Social Media Problem

The rise of social media has undoubtedly revolutionized the way we connect with others...

The Negative Impact of Social Media on Geopolitical Movements

The emergence of social media has revolutionized communication worldwide, facilitating the spread of information,...

China’s Investment In Sarawak And Its Implications

China's investment in Sarawak has raised concerns among many locals and environmentalists. The influx...

More like this

U.S. Real Estate A Safe Haven For Dirty Billions, Report Says

According to a new report released by a Washington, D.C.-based think tank, at least...

Row Escalates As India Suspends Canadian Visas

In response to the killing of a Sikh separatist on Canadian soil, India has...

India Rejects Canada’s Sikh Leader Murder Claim As ‘Absurd’

India rejected as "absurd and motivated" Canada's claim that it was involved in the...