Sens. Gary Peters, D-Mich., and Rick Scott, R-Fla., reintroduced the K-12 Cybersecurity Act May 27 in an effort to strengthen the cybersecurity of school systems. This is the second time the two introduced the Act, having previously introduced similar legislation in 2019 in the last Congress.
The bill would direct the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to complete a study of the cybersecurity risks that schools face and develop recommendations.
“Our nation’s K-12 schools are increasingly becoming targets for ransomware and other cyber-attacks because they store personal records related to their students, faculty, and staff,” Sen. Peters said in a release. “Unfortunately, many school districts don’t have all the necessary expertise or resources to protect this data and address these sophisticated attacks.”
CISA would be required to work with other Federal agencies, schools, and private sector organizations to conduct the study that examines the cybersecurity risks schools face, as well as risks specific to remote learning. CISA would then publish a toolkit available online for K-12 students.
The bill already has the support of the Consortium for School Networking, the School Superintendents Association, the National Association of Secondary School Principals, the American Federation of Teachers, and the Michigan Association of Computer Users in Learning back in Sen. Peters’ home state, according to the release.
“Americans deserve to have their private information protected. It’s unacceptable that bad actors would have access to networks containing the records and personal data of our students, educators, and school employees – putting their safety at risk,” Sen. Scott said in the release. “I’m proud to reintroduce this legislation to bolster cybersecurity at our schools and ensure they have the resources needed to protect students and teachers’ personal information.”
Democrats recently pushed Education Secretary Miguel Cardona to address K-12 cyber threats in an April letter, and CISA and the FBI warned of an increase in K-12 cyber attacks last December. The full text of the bill is not yet available.