New Legislation Aims to Strengthen Cybersecurity of K-12 Schools

Newly introduced bipartisan legislation aims to implement improved cybersecurity protections for K-12 educational institutions in the United States.

Introduced by U.S. Senators Gary Peters (D-MI), ranking member of the Senate Homeland Security and Governmental Affairs Committee, and Rick Scott (R-FL), the K-12 Cybersecurity Act of 2019 demands the Department of Homeland Security (DHS) to identify risks and challenges that schools face and recommend solutions.

Education institutions, the senators argue, handle a large amount of sensitive records related to both students and employees, including grades, family information, medical histories, and employment information, and they require strong cyber protections to ensure this data is safe.

“Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of resources and information needed to adequately defend themselves against sophisticated cyber-attacks,” Senator Peters said.

The new legislation, the senators say, will help ensure that schools across the country will be able to protect themselves from hacking, thus keeping the information of both students and educators secure.

Cyberattacks targeting schools have become increasingly common over the past several years. Recently, the state of Louisiana declared an emergency in response to such incidents, and schools in Arizona were closed. Last year, the Johannesburg-Lewiston Area schools in Michigan were targeted with ransomware.

The K-12 Cybersecurity Act of 2019 instructs DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to partner with other federal departments and private sector organizations to perform an assessment of the cybersecurity risks that are specific to K-12 educational institutions.

After that, CISA should come up with a set of recommendations to help schools strengthen their cybersecurity posture, as well as to develop an online toolkit to assist them in this regard. These tools would become available via the DHS website with other school safety information, the legislation demands.

“While technology can be a powerful classroom tool to enhance and supplement, not supplant, student learning and the work of educators, strict, enforceable privacy safeguards are so important to make sure our schools remain safe from cyber threats like data breaches, ransomware, and email scams. The K-12 Cybersecurity Act of 2019 will allow DHS to study the depth and scope of these risks to help safeguard our schools so educators and students can use technology with limited risk for years to come,” Randi Weingarten, president of the American Federation of Teachers, commented.

Related: New Legislation Would Block US Firms From Storing Personal Data in China, Russia

Related: Bipartisan Legislation to Require DHS Alerts on Election Hacking

Related: Legislation Would Stiffen Penalties for Ransomware Attacks