With local schools increasingly under cyberattack, a new resource can help bolster defenses

Over the last decade, conversations about the security of local schools have risen to the forefront of public discourse—and not just concerning physical security. In the digital realm, cyberattacks on public institutions including K-12 school districts are increasing at an alarming rate.

A new report from the Cybersecurity and Infrastructure Security Agency (CISA), “Partnering to Safeguard K-12 Organizations from Cybersecurity Threats,” seeks to help school districts “address systemic cybersecurity risk,” according to a statement about the research issued by the federal agency. CISA published a complimentary toolkit along with the report. “It also provides insight into the current threat landscape specific to the K-12 community and offers simple steps school leaders can take to strengthen their cybersecurity efforts.”

Given the important role schools play in society, the report stresses a need for administrators to take action. American K-12 schools serve more than 50 million students, according to the U.S. Department of Education. And from 2018 to the present day, schools in just about every state have reported experiencing a cyberattack. Reported cyberattacks have risen from 400 in 2018 to an accumulated total of more than 1,300 since then, the report says. The majority of those incidents have been some sort of data breach. Ransomware attacks were the second most cited incidents.

To bolster defense measures, the report provides three simplified recommendations: Invest in those cybersecurity measures that are the most impactful; recognize resource constraints and work to address them; and collaborate by promoting information-sharing.

“We must ensure that our K-12 schools are better prepared to confront a complex threat environment,” said CISA Director Jen Easterly. “As K-12 institutions employ technology to make education more accessible and effective, malicious cyber actors are hard at work trying to exploit vulnerabilities in these systems, threatening our nation’s ability to educate our children. Today’s report serves as an initial step towards a stronger and more secure cyber future for our nation’s schools, with a focus on simple, prioritized actions schools can take to measurably reduce cyber risk.”

High-impact actions that should be focused on by administrators include implementing multi factor authentication, prioritizing patch management, performing backups, minimizing exposure to common attacks, developing a cyber incident response plan, and training employees to stay vigilant. 

The report calls on public officials overseeing communities to elevate risk management in local schools to a top-level priority. 

“Leaders must take creative approaches to securing necessary resources, including leveraging available grant programs, working with technology providers to benefit from low-cost services and products that are secure by design and default, and urgently reducing the security burden by migrating to secure cloud environments and trusted managed services,” the report says.

A shortage of resources and cybersecurity professionals working in local schools and K-12 districts complicates things. Most institutions don’t have anyone working full-time in cybersecurity, and funding is often limited. Those that do have cybersecurity staff who often don’t have up-to-date training or experience, the report continues, highlighting an “extreme disparity in talent availability and funding, with a clear divide between larger and smaller districts.” This makes implementing changes or updates difficult. Focusing on specific, impactful goals like those listed in the report can help in that regard. 

“Now more than ever, cyber actors are targeting our nation’s education system and increased cybersecurity demands add strain to school districts that are already doing so much,” the report says. “What the sector needs most is resources, simplicity, and prioritization.”