HomeWorldAmericasCISA Helps Secure K-12 Education

CISA Helps Secure K-12 Education

Published on

spot_img

Over the past four years, threat actors have targeted K-12 institutions’ computer systems to spread ransomware, interrupt access, render systems unusable, and steal students’ and staff’ financial, medical, and Social Security numbers.

The K-12 Cybersecurity Act of 2021 directed CISA to review cyber risks to elementary and secondary schools, evaluate challenges schools and school districts face in securing information systems, provide recommendations on improving system protection, and develop an online training toolkit for school officials.

Most K-12 education stakeholder organisations lack the time and resources to secure information systems and sensitive student and employee records or implement cybersecurity protocols.

Most said that the breadth of cybersecurity information—news coverage, conference panels, webinars, and more—only confused matters. According to CISA, “Nearly all said that they wanted simplicity, prioritising, and resources targeted to the unique needs and context of K-12 organisations”.

CISA recommends establishing multi-factor authentication (MFA), fixing known vulnerabilities, making backups, and implementing cyber incident response plans and cybersecurity training programmes.

The agency’s investigation into K-12 cybersecurity found that many school districts lack IT resources and cybersecurity capacity, which can be addressed by using free or low-cost services, asking technology providers for strong security controls at no additional cost, migrating IT services to more secure cloud versions, and taking advantage of the State and Local Cybersecurity Grant Program (SLCGP).

K-12 institutions cannot detect and prioritise new threats, risks, and vulnerabilities alone, thus CISA recommends they join relevant cooperation groups, work with other information-sharing organisations, and collaborate with CISA and FBI regional cybersecurity specialists.

The organisation advises K-12 institutions to invest in the most effective security measures to eventually develop a mature cybersecurity plan. CISA’s Cross-Sector Cybersecurity Performance Goals should guide their investments (CPGs).

CISA’s Digital Toolkit includes these suggestions’ resources and assistance for stakeholders. The toolkit contains extra materials to help stakeholders create, administer, and sustain a robust cybersecurity programme at their institution.

Info source – Securityweek

Latest articles

Malaysia’s Death Penalty and Section 302: A Transformative Era

Malaysia's death penalty laws, particularly Section 302 which mandates capital punishment for murder, have...

Fraudulent CrowdStrike Manual Distributes New Infostealer Malware

CrowdStrike has issued a warning regarding a fraudulent recovery manual designed to repair Windows...

Special Flight Launched To Repatriate Malaysians From Bangladesh

The AirAsia flight AK77, deployed to evacuate Malaysians from Bangladesh, safely landed at Hazrat...

Mysterious Chinese Hacking Group ‘Ghostemperor’ Resurfaces After Two Years

A secretive and highly elusive Chinese hacking group known as GhostEmperor, infamous for its...

More like this

U.S. Real Estate A Safe Haven For Dirty Billions, Report Says

According to a new report released by a Washington, D.C.-based think tank, at least...

Row Escalates As India Suspends Canadian Visas

In response to the killing of a Sikh separatist on Canadian soil, India has...

India Rejects Canada’s Sikh Leader Murder Claim As ‘Absurd’

India rejected as "absurd and motivated" Canada's claim that it was involved in the...