Senators Introduce Bipartisan Legislation To Address K-12 Cybersecurity Issues
The bill instructs the Department of Homeland Security to assess the threat landscape for school districts, including ransomware, and identify solutions to improve cybersecurity protections.
- By Haley Samsel
- December 20, 2019
After a year in which several school districts were victims of ransomware and other cyber attacks, lawmakers in the Senate are leading a push to increase cybersecurity protections for K-12 schools across the United States.
Sen. Gary Peters (D-Mich.), the ranking member of the Senate Homeland Security and Governmental Affairs Committee, and Rick Scott (R-Flor.) have partnered up to introduce the K-12 Cybersecurity Act of 2019. The bill, introduced on Monday, instructs the Department of Homeland Security to conduct a study of the cybersecurity threats that schools face and develop a set of recommendations and resources for administrators to consult when developing cybersecurity plans.
“Schools across the country are entrusted with safeguarding the personal data of their students and faculty, but lack many of [the] resources and information needed to adequately defend themselves against sophisticated cyber-attacks,” Peters said in a statement.
The Cybersecurity and Infrastructure Security Agency (CISA) within DHS would handle the project, partnering with other federal agencies and private companies to complete the study and assess the risks faced by schools maintaining student and employee records. Afterward, CISA would create an “online toolkit” to help schools better protect their systems alongside other school safety information.
Peters and Scott’s bill earned applause from school administrators and cybersecurity leaders who have seen a rapid increase in breaches related to student and school data.
Cybersecurity firm Armor found that in the first nine months of 2019, ransomware attacks targeted more than 500 U.S. schools, ZDNet reported. In just the past few months, districts in Arizona and New York have had to cancel classes due to ransomware attacks on their computer systems. Faculty and staff across the San Bernardino Unified School District were locked out of their emails and could not use WiFi for days of classes in October.
Congress has struggled to come up with a response to ransomware attacks, which have spread to target schools and universities as well as local governments, large companies and small businesses. Education advocacy groups and cybersecurity experts said the bill was an important first step.
"An assessment of risks and specific, tangible guidelines on how best to protect our school networks from being taken hostage will help our educators prevent such interruptions to teaching and learning and protect sensitive student data,” Marc Egan, the director of government relations for the National Education Association, said in a statement.
Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.