Cross-posted on the blog of the K-12 Security Information Exchange (K12 SIX) at:

COVID-19 has demonstrated the importance of continuity in education. But with increasing reliance on remote learning due to the novel coronavirus outbreak, school districts are even more vulnerable to cyberattack.

Students, teachers and administrators are spending significantly more time working online, expanding districts’ attack surfaces. This health crisis arrived at a time when many education leaders were only just beginning to invest in the enterprise-wide security tools and training that must accompany the move to digital and e-learning. To continue this commitment, districts should also adopt enhanced cybersecurity practices like threat information sharing that can provide increased warning and mitigation of malicious online activity that places education in jeopardy at an already challenging time.

“With the available data we saw a three-fold increase in cyber incidents affecting the K-12 education sector last year,” said Doug Levin, Founder and President of EdTech Strategies. “That increase was due to the greater uptake of technology by schools, increased threat actor targeting of local government entities, and the exploitation of IT systems of third-party educational technology vendors that schools rely upon.”

While the shift to remote learning has been challenging, it seems likely that schools will retain it as an option for the foreseeable future. But the need to increasingly rely on third-party education technology solutions presents both obvious advantages and potential risks to students and educators.

“The most secure companies in the world have extensive third-party risk mitigation teams, policies, and monitoring technologies,” said Mark Orsi, President of Global Resilience Federation (GRF). “But many organizations don’t have the resources to have a dedicated security team, much less one focused on their vendors. School district IT teams are particularly under-resourced and understaffed, and need all the help they can get. This is why GRF launched K12 SIX, a new cyber threat information sharing community for school districts.”

The Kindergarten Through 12th Grade Security Information Exchange (K12 SIX) is a new non-profit member community and cyber threat intelligence sharing hub for school districts, dedicated to scaling the prevention and mitigation of cyber threats facing schools, nationwide. It benefits schools by crowdsourcing real-time security information among a vetted, trusted group of professionals with a common interest, using common technology and with supporting, independent analysis from expert K12 SIX security staff.

The NIST Cybersecurity Framework recommends sharing communities like K12 SIX as one of the best means of defense against cyberthreats, and – by crowdsourcing intelligence and mitigation tactics – it is the most cost-effective way to quickly scale improvements in the security of the education sector.

Members of the K12 SIX community will learn about trending phishing campaigns, malware attacks, systems vulnerabilities and other threats in order to enhance their ability to prevent and respond to incidents. Given the need to maintain confidentiality and privacy, the K12 SIX community is designed to protect school districts and avoid the need to release or share any personally identifiable information (PII) of students or school staff.

“We saw a significant increase in cyber threats targeting schools in 2019. Extrapolating that out to 2020 – with everyone working from home, outside the protected perimeter of the school network – it paints a very concerning picture,” added Eric Lankford, Cybersecurity Engineer at Birdville ISD. “Districts need to work together and collaborate for mutual self-defense.”

Learn more about K12 SIX and how you can participate at or by contacting Cynthia Camacho at ccamacho [at]