Skip to main content
close search
site logo
Dive Brief

Attention to K-12 cybersecurity grows in nearly 100 bills introduced in 2020

Published Feb. 1, 2021
Roger Riddell's headshot
Senior Editor
Getty

Dive Brief:

  • A new report from the Consortium for School Networking analyzes trends in K-12 provisions in the close to 100 cybersecurity bills introduced in 27 states in 2020.
  • Of the cybersecurity proposals, 10 pieces of legislation were passed into law in Alabama, Florida, Louisiana, Massachusetts and Virginia. Those addressing risks in K-12 in particular focused on cybersecurity instruction for students, technical assistance to schools, and investments for improvement in technology and professional development.
  • At the federal level, another 10 proposals commonly focused on building a cyber workforce, expanding cybersecurity awareness and training, technology investment, and ongoing research into the K-12 cyber-landscape.

Dive Insight:

K-12 has become a top target for hackers in recent years due to the combination of high-value data available and the sometimes lax level of cybersecurity measures in place, commanding greater attention to the issue from lawmakers and policymakers. Even before the COVID-19 pandemic sent most schools into remote online instruction and created new risks, districts' technology adoption and the increasingly digital nature of classrooms were outpacing what budgets could allow when it comes to hiring personnel with cybersecurity expertise. 

As of December, there had been around 1,110 publicly reported cybersecurity incidents in K-12 since 2016, according to The K-12 Cybersecurity Resource Center. Among them were disclosures of personal data, ransomware, phishing, denial-of-service and other types of incidents that led to school disruptions and unauthorized disclosures. Ransomware in particular has been a particularly popular mode of cyberattack due to the likelihood that districts will pay ransoms to have access to student and personnel data restored quickly.

Security experts say among steps districts can take to mitigate cybersecurity risks are:

  • Maintaining a cybersecurity insurance policy.
  • Regularly auditing cybersecurity preparedness.
  • Regularly changing and strengthening passwords.
  • Using two-factor authentication.
  • Routinely backing up systems and keeping them offline, or "immutable."
  • Evaluating tech inventory to eliminate unneeded internet-facing systems or servers.
  • Regularly installing security updates and software patches.

While ransomware and data breaches dropped when the pandemic first hit, experts warned in June that there could just be lulls in public reporting or that incidents were still occurring and hadn’t been discovered.

They also cautioned that devices might not be as well-protected beyond school networks and could be compromised during home use and “waiting” to be reconnected to the school network for malware to activate. The FBI issued a warning last summer in regard to remote desktop risks in K-12.

Editors' picks

Company Announcements

View all | Post a press release
TEACH Educator Candidates Experience Consistently Higher Certification Pass Rates After Use of…
From Study.com
November 20, 2024
Dallas Independent School District Approves CoderZ and RoboX For Pre-engineering and Robotics …
From Intelitek
November 05, 2024
VHS Learning Among 136 Organizations Committed to Advancing Computer Science Education through…
From VHS Learning
November 04, 2024
Sumner College Launches Bachelor of Science in Nursing Program in Bend, Oregon
From Sumner College
November 12, 2024
Editors' picks
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell