Without much fanfare, Congress passed and the President signed a bill in late 2021 designed to help harden K-12 schools against cyberattacks. Schools and school systems have been frequent ransomware and phishing targets for years. The new law requires the nation's cyber regulators to study the problem and issue security guidelines, training materials, and public awareness materials relating to the security issues schools face.
Why It Matters
Having the benefit of centralized guidance and training from top-level federal resources may be helpful as educational institutions upgrade their security and plan for the future. Increasingly, data breach notice laws and state privacy laws are likely to require schools -- along with private businesses -- to pay increased attention to security as a component of safeguarding private information. Because schools have proved to be a rich target for attack already, centralized review and recommendations may be critical to an overall effort to secure the operations of the schools themselves and also to ensure the confidentiality of data relating to their employees, students, and families.