The State Educational Technology Directors Association (SETDA) released a landscape scan detailing the needs and priorities of state members when it comes to strengthening K-12 cybersecurity readiness.
The scan was released by SETDA’s Cybersecurity and Privacy Collaborative, which is a professional learning community of state ed tech leaders and private sector partners focused on identifying key resources, assessing state-level K-12 cybersecurity advocacy efforts, and crafting policy recommendations.
The report is broken into three categories: critical vulnerabilities and difficulties for K-12, legislative needs, and how to strengthen the state response.
Critical Vulnerabilities and Difficulties for K-12
The report explained that as school data and instruction move online and increasingly rely on digital tools, it becomes a more attractive target for cybercriminals. While districts are aware of the increase in threats, many still struggle to overcome obstacles to ensure sufficient cybersecurity.
SETDA stressed that many confounding factors make this an uphill battle for schools. Members of the Cybersecurity and Privacy Collaborative identified their most pressing concerns for states and local education agencies (LEAs):
- Human factors;
- Third-party connections;
- Leadership awareness;
- The complexity of funding;
- Access to security expertise; and
- Proof of proper controls.
Legislative Impact and Needs
The report points out that the increase of legislative attention to cybersecurity shows that states and the Federal government are aware of immediate needs. While legislative focus on K-12 cybersecurity is important, it is critical that legislators at all levels of government are listening to education stakeholders about where legislation and funding can be the most helpful. In the report, members of the collaborative shared that these were the things they most wanted policymakers to know:
- Cyber incidents remain under-reported;
- Training is critical;
- Collaboration lessens the burden;
- Investments must be sustained; and
- Dependable access requires network security.
Strengthening the State Response
The report zeroed in on how state-level education agencies, which make up the membership of SETDA, are uniquely positioned to strengthen the K-12 response. Members of the collaborative are primarily focused on the following activities to help LEAs manage the burden of cybersecurity:
- Sharing learning and resources;
- Educating district and school leaders;
- Promoting response and recovery strategies;
- Sharing incident data;
- Developing mitigation strategies;
- Building collaboratives;
- Engaging expert partners; and
- Group purchasing.