On November 25, 2019, the K-12 Cyber Incident Map was taken offline for extended maintenance.


The proximate reason for this maintenance is the fact that Google is deprecating the free application that has powered the K-12 Cyber Incident Map to date. As such, a switch – at least on the back end – to a new map interface was inevitable in the coming days. Of course, any change of this magnitude also begs the question of what the K-12 Cyber Incident Map could and should be going forward. Indeed, it has remained essentially unchanged since it first launched some 30 months ago, itself courtesy of the brainstorming time of a cross country flight to address the National Governors Association.

A few notes on the foreseeable future of the K-12 Cyber Incident Map:

  1. Incident tracking will continue in the interim period – and Map maintenance will have no effect on newsletter production, blogging and commentary, or communications via @K12CyberMap.
  2. The K-12 Cyber Incident Map was **only ever temporarily** the definitive source of data used for analyses reported by the K-12 Cybersecurity Resource Center. (Recall the Map first launched in March 2017 on the EdTech Strategies website.) For well over a year, it has merely been a convenient way to display incident data and a symptom of technical debt incurred in bootstrapping this work. The actual database powering the K-12 Cyber Incident Map is much more powerful and consists of two linked databases: one of cyber incidents (with more finely grained incident details) and one of school districts that have experienced at least one cyber incident. As such, the temporary outage of the map interface is really only an outage in one display of data that I have chosen to make publicly available.
  3. It has increasingly become clear that some are using data displayed on the K-12 Cyber Incident Map for commercial purposes, directly profiting from this work, while not contributing to its ongoing maintenance and support. In addition to the hard costs of operating this website and the database powering the K-12 Cyber Incident Map, hundreds and hundreds of hours of personal time have been required for the research and outreach that have enabled it to exist and grow in influence. Simply put, this contribution of free data and services to the K-12 sector is unsustainable.

I have been – I hope – understanding of the win-win nature of building the sector’s broad awareness of the cybersecurity risks it is facing by making the K-12 Cyber Incident Map freely available. That is the reason the Map was launched in the first place and the reason why it has grown to become the definitive source for K-12 cybersecurity incidents affecting U.S. public K-12 schools. Nonetheless, I have chafed at requests for free, direct access to the dataset powering the Map (although this has not stopped some from the unauthorized scraping of Map data for their own analyses, despite the copyrighted nature of the work). Many of the options to monetize this work could result in even less data and information being available for public advocacy and use by public officials and the media. I’d like to avoid this. I hope you’d agree with this sentiment.

To that end, I have 3 asks of readers of this post:

  1. If the work of the K-12 Cybersecurity Resource Center is of value to you, please let others know of it. For those interested in keeping apprised of updates, you can follow our RSS feed, sign up for our occasional newsletter, or follow @K12CyberMap.
  2. In this time of giving, consider joining those who make a recurring monthly donation to the K-12 Cybersecurity Resource Center at Ko-fi. Crowdfunding serves a dual purpose: it does provide financial support, but also helps me to understand the breadth of support for this work. Anything given is much appreciated and goes to direct support of this work.
  3. If you are affiliated with a company that is marketing products and services to school districts with an interest in promoting better cybersecurity practices – including by linking to this site or sharing it with potential customers in presentations – consider helping to underwrite the forthcoming ‘The State of K-12 Cybersecurity: 2019 Year in Review‘ report. A sponsor prospectus can be found here. (Last year’s report can be found here, for reference.) While I am also available for paid speaking and custom consulting engagements, financial support of this annual report is the best way to ensure the continued free availability of the K-12 Cyber Incident Map.

It may be a couple of weeks before the Map is re-launched. In the mean time, I remain available for your questions, comments, tips, and suggestions. Wishing all a happy Thanksgiving with friends and family.