Cybersecurity for K-12 Education
There is nothing more important than ensuring the safety and security of our schools from physical and cybersecurity threats alike. Unfortunately, adversaries have targeted our K-12 education system due to the extensive amounts of personal and financial data they maintain about our kids, teachers, school staff, and records on the schools themselves. Yet, most educational districts lack the resources to put in place a comprehensive cybersecurity program. So many of our schools across the nation are, what we call, “target rich and cyber poor” in that they are often a frequent target for ransomware and other cyberattacks due to the extensive data kept on school networks, often without the proper protection.
For K-12 schools, cyber incidents are so prevalent that, on average, there is more than one incident per school day.
CISA is placing a focus on working with the K-12 education sector to help raise awareness and understanding of the risks as well as to change behaviors that put us at risk of phishing and other online attacks. We provide tools, information, and resources to help this vitally important component of the nation’s critical infrastructure to protect themselves against attacks by malicious actors to reduce the likelihood of successful cyber incursions.
Whether you are a school administrator, teacher, parent, or part of the education community, take a moment to scroll through the content on this page to learn more about how K-12 can be more cyber secure and resilient.
K-12 Cybersecurity Report and Toolkit
In January 2023, CISA released Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats. The report provides recommendations and resources to help K-12 schools and school districts address systemic cybersecurity risk. It also provides insight into the current threat landscape specific to the K-12 community and offers actionable steps school leaders can take to strengthen their cyber posture.
To provide students with the education they need to thrive in a globally connected world, we must find ways to design, fund, acquire, and maintain the infrastructure that will make connectivity a reality for every teacher and student.
This guidance is intended to help the K-12 education community acquire products that are “Secure by Design.”
Cybersecurity education & career development is vital to strengthening the nation's cybersecurity workforce. CISA is standardizing roles and helping to ensure we have well-trained cybersecurity workers today and tomorrow.
Bringing federal, state, and local school leaders together to share actionable recommendations that enhance safe and supportive learning environments in K-12 schools.
Provides school districts, staff, parents, and students with resources to understand and protect against ransomware.
Provides a one-stop-shop for federal school safety resources, programs, and actionable recommendations for creating a safe environment where students can thrive. SchoolSafety.gov was created by CISA and its federal government partners.
Outlines the issue of online safety and provides tips, strategies, and aligned resources specifically geared towards parents and guardians, school communities, and students.
Students, educators, administrators, and school personnel should take simple, proactive steps to better protect themselves and their school systems online.
The advisory body expands to assist the agency in tackling broader cybersecurity issues.
Subcommittees will provide recommendations to CISA during the CSAC’s September quarterly meeting.
New cybersecurity performance goals to serve as a roadmap to strengthen the resilience of local providers like schools, hospitals and utilities.
The industries slated for emphasis are “target-rich, resource-poor entities." They’re also heavily targeted by ransomware.
CISA to begin work identifying systemically important entities with focus on ‘target rich, cyber poor’ organizations
Initial work to identify systemically important entities will start in three “target rich, cyber poor” sectors: K-12 schools, hospitals, and water and wastewater.
Director Easterly speaks at the White House Hosts Cybersecurity Summit for K-12 Schools – Topic: Federal Support to K-12 SchoolsDirector Easterly speaks at the White House Hosts Cybersecurity Summit for K-12 Schools – Topic: Federal Support to K-12 S
Director Easterly speaks at the White House Hosts Cybersecurity Summit for K-12 Schools – TOPIC: Lessons Learned from LAUSD Cyber Attack