New Report Examines Pressing K-12 Cybersecurity Concerns
A new report out Monday found K-12 organizations’ cyber postures slipping slightly over the prior year as they grapple with stubborn cybersecurity challenges and threats ranging from banking Trojans to ransomware.
Cybersecurity funding remains a top concern for the sector, but federal officials are turning attention to the issue and various organizations offer low-cost and free cyber tools.
On Nov. 13, the Federal Communications Commission (FCC) proposed a pilot program that would provide funding supporting cybersecurity and advanced firewall services at schools and libraries. Plus, K-12 Dive notes, state planning committees could use funds from the ongoing State and Local Cybersecurity Grant Program to help school districts in adopting cyber best practices.
Meanwhile, organizations like the Multi-State Information Sharing and Analysis Center (MS-ISAC) offer some free tools and resources, while the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerability list can be a helpful way to prioritize, advises the new Center for Internet Security (CIS) MS-ISAC K-12 Cybersecurity Report.
STRENGTHS AND WEAKNESSES
In 2022, 402 K-12 organizations participated in the Nationwide Cybersecurity Review (NCSR). They listed a familiar set of security concerns. Alongside funding shortcomings, those included cyber threats’ rising sophistication, insufficient availability of cyber professionals and lack of documented processes or cyber strategies.The NCSR scores organizations’ cyber maturity to help them assess strengths and gaps. In 2022, K-12 participants averaged a score of 3.25 out of a possible high score of 7. That’s a touch below 2021’s average score of 3.55 — although still “satisfactory,” the report said.
Improving means K-12 must shore up areas like supply chain risk management. Plus, more K-12 organizations should adopt protective measures like collecting audit logs, maintaining data classification schemes and defending against some malware by disabling the autoplay feature on removable media.
Those were also areas of weakness in 2021, but new issues emerged in 2022, too: lack of…
