New K-12 Cybersecurity Act Mandates DHS Review Schools' Cybersecurity Policies

December 19, 2019

U.S. Senators Gary Peters (D-MI), Ranking Member of the Senate Homeland Security and Governmental Affairs Committee, and Rick Scott (R-FL) introduced bipartisan legislation to implement stronger cybersecurity protections for K-12 educational institutions across the country.

The K-12 Cybersecurity Act of 2019 would help educational institutions bolster their cybersecurity protections by instructing the Department of Homeland Security (DHS) to examine the risks and challenges that schools face in securing their systems. DHS would also be charged with creating a set of cybersecurity recommendations and other voluntary resources for schools to use when implementing their cybersecurity solutions.

In recent years, cyber-attacks on schools have become increasingly common, resulting in a state of emergency in Louisiana and numerous school closures in Arizona. In 2018, Johannesburg-Lewiston Area Schools in Michigan were targeted by a malicious ransomware attack that temporarily shut down the district’s systems, says a news release.

The K-12 Cybersecurity Act of 2019 directs DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to work with other federal departments and private sector organizations to complete a study of cybersecurity risks specific to K-12 educational institutions, including risks related to sensitive student and employee records. Following the completion of that study, the bill directs CISA to develop cybersecurity recommendations and an online toolkit to help schools improve their cybersecurity systems. These voluntary tools would be made available on the DHS website with other DHS school safety information.

“Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of resources and information needed to adequately defend themselves against sophisticated cyber-attacks,” said Senator Peters. “This commonsense, bipartisan legislation will help to ensure that schools in Michigan and across the country can protect themselves from hackers looking to take advantage of our nation’s cybersecurity vulnerabilities.”

Recently, a report by Armor revealed that 11 new U.S. school districts (comprised of 226 schools) have been compromised by ransomware since late October 2019. Since January 2019 to date, Armor has identified a total of 72 school districts and/or individual educational institutions that have publicly reported being a victim of ransomware. These attacks have potentially impacted 1,039 schools nationwide.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

New K-12 Cybersecurity Act Mandates DHS Review Schools' Cybersecurity Policies

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

New K-12 Cybersecurity Act Mandates DHS Review Schools' Cybersecurity Policies

Related Articles

Related Products

Related Events

The latest news and information

Content written for business-minded executives who manage enterprise risk and security