The K-12 Cybersecurity Resource Center (beta) is a work in progress. The new site and identity give it the foundation to grow, which it can do with your help.
When schools rely on technology for teaching, learning, and school operations, the impact of a cybersecurity incident can be significant.
These are new threats facing schools. They are harming individuals. They are disrupting school schedules – and class time – and they are costing schools and taxpayers a lot of money. We need an effective and comprehensive response.
I partnered with EdSurge to write an end-of-the-year commentary on the present and future of K-12 cybersecurity.
Both federal policies – FERPA and COPPA – presume that schools have the resources and knowledge to assess their own data security practices, to say nothing of their vendors. Emerging evidence says otherwise.
To better understand the cybersecurity challenges facing schools, Education Week talked with school leaders in Arizona, Connecticut, Montana, and Texas about the cybersecurity incidents they faced, and how they responded. They found that the country’s K-12 information-technology leaders are likely underestimating the dangers they face and that many are failing to take even basic steps to secure their networks and data.
Both FERPA and the COPPA Rule presume that schools have the resources and knowledge to assess their own data security practices, to say nothing of that of their vendors. Emerging evidence suggests that this presumption should be challenged. The FTC and ED can take affirmative action to improve the security with which schools and their vendors treat student data.
These days, fingerprint scanners and cameras are regular parts of school life—on the ceilings watching students walk, and on their laptops analyzing their facial expressions. While surveillance tools could yield benefits for safety, performance development and security, they also raise thorny security and privacy issues.
One interesting and potentially concerning trend that has emerged in compiling data for the K-12 Cyber Incident Map is that the number of schools and/or districts that have experienced multiple cyber incidents is increasing. This may be due to an increased reliance on technology for teaching, learning and school operations as compared to other districts and hence a greater exposure to cyber risks. It could be due to bad luck. Or, it could be a sign of a lack of expertise, resources, and/or attention to cyber security issues. To aid policymakers, researchers, administrators, and others in understanding this trend, I have decided to compile and begin to report more detailed information about these schools and districts.