Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

New Legislation Aims to Strengthen Cybersecurity of K-12 Schools

Newly introduced bipartisan legislation aims to implement improved cybersecurity protections for K-12 educational institutions in the United States.

Newly introduced bipartisan legislation aims to implement improved cybersecurity protections for K-12 educational institutions in the United States.

Introduced by U.S. Senators Gary Peters (D-MI), ranking member of the Senate Homeland Security and Governmental Affairs Committee, and Rick Scott (R-FL), the K-12 Cybersecurity Act of 2019 demands the Department of Homeland Security (DHS) to identify risks and challenges that schools face and recommend solutions.

Education institutions, the senators argue, handle a large amount of sensitive records related to both students and employees, including grades, family information, medical histories, and employment information, and they require strong cyber protections to ensure this data is safe.

“Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of resources and information needed to adequately defend themselves against sophisticated cyber-attacks,” Senator Peters said.

The new legislation, the senators say, will help ensure that schools across the country will be able to protect themselves from hacking, thus keeping the information of both students and educators secure.

Cyberattacks targeting schools have become increasingly common over the past several years. Recently, the state of Louisiana declared an emergency in response to such incidents, and schools in Arizona were closed. Last year, the Johannesburg-Lewiston Area schools in Michigan were targeted with ransomware.

The K-12 Cybersecurity Act of 2019 instructs DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to partner with other federal departments and private sector organizations to perform an assessment of the cybersecurity risks that are specific to K-12 educational institutions.

After that, CISA should come up with a set of recommendations to help schools strengthen their cybersecurity posture, as well as to develop an online toolkit to assist them in this regard. These tools would become available via the DHS website with other school safety information, the legislation demands.

“While technology can be a powerful classroom tool to enhance and supplement, not supplant, student learning and the work of educators, strict, enforceable privacy safeguards are so important to make sure our schools remain safe from cyber threats like data breaches, ransomware, and email scams. The K-12 Cybersecurity Act of 2019 will allow DHS to study the depth and scope of these risks to help safeguard our schools so educators and students can use technology with limited risk for years to come,” Randi Weingarten, president of the American Federation of Teachers, commented.

Related: New Legislation Would Block US Firms From Storing Personal Data in China, Russia

Related: Bipartisan Legislation to Require DHS Alerts on Election Hacking

Related: Legislation Would Stiffen Penalties for Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.