A new joint advisory – warning of cyber threats to K-12 schools – was released by the FBI, CISA, and MS-ISAC. Please share widely.
An important new report on the prevalence and impact of K-12 student data breaches, based on K-12 Cyber Incident Map data.
According to reports, school vendor ‘Total Registration’ experienced a significant student data breach. Many unanswered questions remain about the company’s practices and the sufficiency of its incident response.
In the event of a student data breach, schools in Missouri are now obligated under state law to provide written notice to parents.
A data breach by the Texas Association of School Boards (TASB) offers a cautionary tale about how K-12 school districts and their vendors should communicate the (bad) news to stakeholders.
Today, I am pleased to introduce and launch the “K-12 Cyber Incident Map.” It is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present. Painstakingly assembled from public reports, it was created to begin to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts, as well as to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
There are a range of potential cybersecurity threats facing K-12 schools. Thanks to my invited participation in a National Governors Association cybersecurity summit, I’ve documented my current thinking on the cybersecurity in K-12 education, why it is an important issue, and what should be done about it. Ultimately, if we can’t generate the political will to address these issues head on, states and the federal government have no business pursuing school reform and improvement strategies dependent on technology.