National Internet Safety Month: Together, we can make our K-12 schools cybersecure. It’s fundamental.

The education of our children is fundamental to our way of life. If someone had told me 10 or 20 years ago that I would live to see K-12 schools and whole districts shut down operations because of cybersecurity breaches, I wouldn’t have believed them. Yet, that’s exactly what we’re seeing. In January, the largest school district in Iowa cancelled classes for a day because of a cyberattack on their network. The same month, Tucson Unified School District, southern Arizona’s largest pre-K-12 school district, suffered a ransomware attack, leaving some teachers without access to their lessons, grading, or attendance records. In the months since then, we’ve seen many more K-12 cyberattacks, each one of them impacting our children, our communities, and our schools--the very institutions we rely on for the future prosperity and strength of our country.

Schools are a target for cyberattacks because they hold valuable information such as staff and student personal data, but they often lack resources to build a comprehensive cybersecurity program. The recent expansion of school networks that was essential to providing remote learning during COVID-19 has left many K-12 schools “target rich, cyber poor.” The resulting situation puts personal information and school data at risk and threatens the nation’s ability to educate our children. This is simply unacceptable.

Fortunately, there are things we can do right now to defend against today’s cyber threats to our schools while we collaborate to build a more cyber secure and resilient K-12 infrastructure for the future.

June is National Internet Safety Month, dedicated to increasing Americans’ understanding of cyber threats and empowering them to be safer and more secure online. This includes doing these 4 things to stay cyber safe: enable multifactor authentication, use strong passwords, think before you click, and update your software. In addition to promoting these essential habits, this is an opportune time to highlight free resources CISA provides to build K-12 cybersecurity, including:

• Partnering to Safeguard K-12 Organizations from Cybersecurity Threats reports on cybersecurity risks elementary and secondary schools face along with recommendations, cybersecurity guidelines, and a toolkit designed to help schools address these risks.
• Stop Ransomware K-12 Resources provides school district staff, parents, and students resources to understand and protect against ransomware.
• SchoolSafety.gov provides a one-stop-shop for federal school safety resources, programs, and actionable recommendations for creating a safe environment where students can thrive. SchoolSafety.gov was created by CISA and its federal government partners.
  • The Cybersecurity section provides focused information to help schools improve cybersecurity.
• CISA Cybersecurity Advisors work throughout the country providing cybersecurity risk management and response services. Identify your region and contact your regional office today to learn about the range of cyber services offered in your region.

I encourage you to explore these resources and share them widely within your community. Use them as building blocks as we work together to effectively cybersecure our K-12 schools.

Let’s use National Internet Safety Month to expand the conversations, build the relationships, and take the next steps in making our K-12 schools cybersecure. It truly is fundamental.