Cybersecurity Collaboration

New Public, Private Help for K–12 Cyber Defense Efforts Announced at White House Summit

• By Kristal Kuykendall
• 08/10/23

The Biden-Harris administration has unveiled new public sector efforts and private sector commitments to bolstering cyber defenses across the nation’s public schools, including a new Government Coordinating Council within the U.S. Department of Education to facilitate formal collaboration between “every level of government and the education sector.”

The announcements were made on conjunction with the White House’s Back to School Safely: Cybersecurity Summit for K–12 Schools, where Secretary of Education Miguel Cardona, Secretary of Homeland Security Alejandro Mayorkas, First Lady Jill Biden led discussions with school administrators, educators, nonprofit leaders in IT and cybersecurity, and private sector companies, according to a news release.

Participants discussed ED’s new framework of best practices for K–12 digital infrastructure, detailed in a series of briefs co-authored by CISA and ED’s Office of Educational Technology; the publications began dropping last week with three available already:

• “K–12 Digital Infrastructure Brief: Defensible and Resilient”

• “K–12 Digital Infrastructure Brief: Adequate and Future Proof”

• "K–12 Digital Infrastructure Brief: Privacy Enhancing, Interoperable, and Useful”

Future briefs not yet published are expected to cover accessibility and equitable access, and digital literacy, safety, and mental health.

During the summit on Tuesday, cybersecurity and education leaders from the public and private sector detailed a number of recent and new commitments to helping K–12 schools better defend their tech infrastructure now and in the future:

• Federal Communications Commission Chair Jessica Rosenworcel recently proposed establishing a pilot program under the Universal Service Fund to provide up to $200 million over three years to strengthen cyber defenses in K–12 schools and libraries in tandem with other federal agencies that have deep expertise in cybersecurity.

• ED will establish a Government Coordinating Council that will coordinate activities, policy, and communications between, and amongst, federal, state, local, tribal, and territorial education leaders to strengthen the cyber defenses and resilience of K–12 schools. “By facilitating formal, ongoing collaboration between all levels of government and the education sector, the GCC will be a key first step in the department’s strategy to protect schools and districts from cybersecurity threats and for supporting districts in preparing for, responding to, and recovering from cybersecurity attacks,” the agency said in its announcement.

• CISA announced it will provide tailored assessments, facilitate exercises, and deliver cybersecurity training for 300 new K–12 entities over the coming school year, with plans to hold about one cyber exercises per month starting this fall. CISA said it is currently accepting exercise requests from government and critical infrastructure partners, including the K–12 community.

• The FBI and the National Guard Bureau said they will soon release updated resource guides to ensure state government and education officials know how to report cybersecurity incidents and can leverage the federal government’s cyber defense capabilities.

• Amazon Web Services announced a number of new no-cost resources for K–12 schools’ cyberdefense efforts:

  • $20 million for a K–12 cyber grant program available to all school districts and state departments of education

  • Free security training offerings tailored to K–12 IT staff delivered through AWS Skill Builder

  • No-cost cyber incident response assistance through its Customer Incident Response Team for school districts experiencing a cyberattack

  • Free “well-architected security reviews” for U.S. ed tech vendors providing mission-critical applications to the K–12 community

• Cloudflare said its Project Cybersafe Schools program will provide a suite of free zero-trust cybersecurity solutions to public school districts with fewer than 2,500 students.

• PowerSchool said it will provide new free and subsidized “security as a service” courses, training, tools and resources to all U.S. schools and districts.

• Google unveiled an updated “K–12 Cybersecurity Guidebook” for schools on the most effective and impactful steps education systems can take to ensure the security of their Google hardware and software applications.

• D2L announced it will provide access to new cybersecurity courses in collaboration with trusted third-parties; extend its information security review for the core D2L integration partners; and pursue additional third-party validation of D2L compliance with security standards.

Read the full White House announcement at WhiteHouse.gov.