Key points:
The Federal Communications Commission (FCC) recently voted to adopt a three-year, $200 million Schools and Libraries Cybersecurity Pilot Program. The pilot program will provide schools and libraries with cybersecurity services and equipment. It will also allow the FCC to collect and analyze data on which cybersecurity services and equipment would best help elementary and secondary schools and libraries deal with increasing cyber threats and attacks against their broadband networks.
While much-needed resources and funding represent an important step toward strengthening cybersecurity in the education sector, they remain modest progress on a critical issue. As primary and secondary schools increasingly become prime targets for cybercriminals due to their often limited resources and reliance on outdated systems, collaboration between the federal government and the education sector is more crucial than ever.
By providing critical funding, advanced cybersecurity resources, expert guidance, and data and analysis collection, the federal government can help schools effectively protect themselves against cyber threats.
The critical importance of federal collaboration with schools
Establishing partnerships between federal entities, cybersecurity experts, and the education sector offers numerous benefits, including improved information sharing, increased training opportunities, and access to specialized resources. For example, the Department of Homeland Security's partnership with elementary and secondary schools with the U.S. Department of Education offers numerous advantages. Cybersecurity Training and Education Assistance Program has provided resources and training to thousands of educators, helping to integrate cybersecurity concepts into K-12 education and foster a culture of proactive cybersecurity awareness and preparedness within the educational community. Additionally, the U.S. Department of Education and the Cybersecurity and Infrastructure Security Agency launched the Government Coordinating Council (GCC) for the Educational Facilities Subsectorenhancing collaboration across all levels of government to protect primary and secondary schools from cyber threats.
The federal government plays a critical role in shaping cybersecurity practices in elementary and secondary schools, which often lack their own necessary guidelines and policies regarding cybersecurity practices. By adhering to federal government guidelines, such as those we see in the tech.ed.gov/files/2023/08/DOEd-Report_20230804_-508c.pdf” target=”_blank” rel=”noreferrer noopener”>Overview of digital infrastructure for primary and secondary education–Schools can work to improve cybersecurity.
Collaborative efforts are most effective when schools prioritize and leverage available resources.
The effectiveness of the FCC initiative, policies published by the federal government, and other similar collaborative efforts by the federal government depend on two efforts that fall exclusively on schools.
First, schools must make cybersecurity a priority. Effective cybersecurity prioritization relies on leadership and involves identifying specific vulnerabilities, allocating resources, and creating a comprehensive plan and budget to address potential threats. To effectively respond to cyberthreats, cybersecurity must be supported at all levels.
Second, schools must use the resources provided by the federal government to address both their immediate vulnerabilities and long-term security needs. Cyber threats are increasingly targeting the education sector and Don't slow down In the short term, it is vital that schools prioritize and take a strategic approach to maximize the impact of federal collaborative efforts that focus on immediate and achievable goals.
Collaboration with federal agencies provides access to specialized resources and funding and provides schools with crucial guidance on cybersecurity best practices, often improving their cybersecurity posture. Educational entities can also partner with each other to increase their purchasing power and bolster their cybersecurity resources, for example by partnering to jointly purchase software and licenses.
Beyond FCC funding
Schools, like many other industries, operate in a hybrid environment and must have a viable plan to protect their valuable data regardless of location. It is critical to protect endpoints, including laptops, tablets, and mobile devices, with comprehensive protection solutions that provide real-time monitoring and threat detection. This shift to digital learning environments has expanded the attack surface, turning every connected device into a potential entry point for cyber threats.
The education sector is not required to adhere to a Zero Trust deadline as mandated by federal government agencies. However, as the education sector seeks federal government collaboration and best practices, it should also consider implementing a Zero Trust framework, ideally one that has segmentation at its core. Zero Trust Segmentation (ZTS), segmentation using Zero Trust principles, is a crucial technology within the Zero Trust framework. Through continuous visualization of all communication patterns and traffic across workflows, devices, and the Internet, ZTS constantly verifies a user and creates granular policies that allow only essential communication. If an attack were to occur, ZTS applies Zero Trust principles to extend visibility across all networks and all traffic and limit free lateral movement, containing the attack and minimizing its impact.
Schools should also implement endpoint protection platforms that not only protect against malware and viruses but also offer advanced features such as behavioral analytics and automated response capabilities. These solutions should be able to identify suspicious activity and isolate compromised devices to prevent the spread of infections. Real-time monitoring ensures that any anomalies are detected immediately, allowing for quick action to mitigate potential threats.
It is critical for schools to implement regular software update and patch policies, as well as educate students and staff on best practices for device security. By protecting endpoints comprehensively and prioritizing the timely implementation of these measures, schools can protect the integrity of their hybrid learning environments and ensure the safety of their educational communities.
Given the ever-changing threat landscape, schools need to act with urgency and have robust cybersecurity plans in place now, rather than a decade from now. Any improvement is a step in the right direction, and organizations don’t need to achieve 100 percent security right away.
Improving cybersecurity for educational resilience
Overall, while the FCC program marks a crucial investment in improving cybersecurity in K-12 schools and will generate valuable data on which services work best for the education community, it addresses only a fraction of the challenges facing educational entities. To maximize the impact of this funding and other federal collaborative initiatives, schools should prioritize cybersecurity, integrate strong cybersecurity practices into their educational frameworks, and foster collaborative partnerships with federal agencies and industry experts.
Continued advocacy for enhanced support and enhanced collaboration will further strengthen cybersecurity resilience, ensuring primary and secondary schools can effectively adapt to changing cyber threats and provide a safe digital space for both students and educators.
!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};
if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version=’2.0′;
n.queue=();t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)(0);
s.parentNode.insertBefore(t,s)}(window, document,’script’,
‘https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘6079750752134785’);
fbq(‘track’, ‘PageView’);
