When 2021’s K-12 Cybersecurity Act was signed as law, one of the responsibilities that the Cybersecurity and Infrastructure Security Agency (CISA) was tasked with was to investigate and report on the threat cybersecurity threat landscape to school districts, and to develop recommendations to help mitigate these threats.
While that process will likely to be one that’s continual as threats become more sophisticated, CISA has released its subsequent report and recommendations. These recommendations are geared specifically toward K-12 administrators, and were informed by insights from policymakers, government officials, and members of that same K-12 community. You can view the summary here (which includes links to the CISA digital toolkit, which summarizes key finding and includes implementation tips), but we’ll highlight some of that information below.
Findings Summary:
- Cybersecurity risk management must be elevated as a top priority for administrators, superintendents, and other leaders at every K–12 institution.
- In an environment of limited resources, leaders should leverage security investments to focus on the most impactful steps.
- No K–12 institution is an island; information sharing and collaboration with peers and partners is essential to build awareness and sustain resilience.
Recommendations Summary:
- Invest in the most impactful security measures and build toward a mature cybersecurity plan
- Recognize and actively address resource constraints
- Focus on collaboration and information sharing
The CNYRIC is well-positioned to help districts meet these challenges on a variety of fronts, particularly as it pertains to multi-factor authentication, developing a cyber incident response plan, and security awareness training. For more information about how these services could help your district, please contact Steven Tryon at 315.433.2280.