K–12 Cybersecurity Standards Released, Along with Free District Self-Assessment Tool
The nonprofit K12 Security Information Exchange (K12 SIX) has
released its highly anticipated cybersecurity
standards of practice for K–12 schools and districts, a
companion to the K12
SIX Essential Cybersecurity Protections released in August. The
group also released a free
self-assessment tool for information technology and information
security leaders.
The standards of practice document, K12
SIX Cybersecurity Standards: 2021-2022 School Year, establishes a
four-tiered rubric for at-risk, baseline, good and better practices
for data security in schools in the areas of network traffic
sanitation, safeguarding devices, identity/data protection for staff
and students and regular maintenance. The guide also includes help
with determining whether protections have been implemented properly;
information on expected impacts; guidance on costs, complexity and IT
time requirements; and alignment with the NIST Cyber Security
Framework 1.1.
The free
self-assessment tool can be accessed here. The standards of
practice are
available with registration at k12six.org/protective-measures-series.
Additional details about the initiative can be found in a K12
SIX webinar here.