A new report from COSN analyzes trends in K-12 provisions in the close to 100 cybersecurity bills introduced in 27 states in 2020. Those addressing risks in K-12 in particular focused on cybersecurity instruction for students, technical assistance to schools, and investments for improvement in technology and professional development. At the federal level, another 10 proposals commonly focused on building a cyber workforce, expanding cybersecurity awareness and training, technology investment, and ongoing research into the K-12 cyber-landscape.
As of December, there had been around 1,110 publicly reported cybersecurity incidents in K-12 since 2016, according to the K-12 Cybersecurity Resource Center. Among them were disclosures of personal data, ransomware, phishing, denial-of-service and other types of incidents that led to school disruptions and unauthorized disclosures. Ransomware in particular has been a particularly popular mode of cyberattack due to the likelihood that districts will pay ransoms to have access to student and personnel data restored quickly.
Security experts say among steps districts can take to mitigate cybersecurity risks are: