EXECUTIVE SUMMARY:
Classroom security just got a boost by the Biden administration, which signed a new bill into law aiming to result in improved security for K-12 schools. Since 2016, cyber security attacks targeting the education sector have increased by five fold. This bill, which is designed to help secure the cyber classroom or the cyber-ready classroom, provides experts with the resources to educate teachers about cyber security best practices.
In the past few years, hundreds of cyber attacks focused on educational institutions have occurred. In most instances, hackers aim to obtain sensitive student data and/or employee records that can turn a profit on the dark web. Since the start of the coronavirus pandemic, the situation has worsened considerably, making clear the need for improved security.
For example, in the last year, school and classroom security has been sufficiently weak that:
- Ransomware attacks on schools have shut down online learning
- The FBI has issued flash alerts pertaining to online classroom security
- At least one school paid $547K in order to restore systems after a cyber attack
President Biden comments…
“This law highlights the significance of protecting the sensitive information maintained by schools across the country, and my Administration looks forward to providing important tools and guidance to help secure our school’s information systems,” stated President Biden, as he signed the law.
“The global pandemic has impacted an entire generation of students and educators and underscores the importance of safeguarding their sensitive information, as well as for all Americans. This law is an important step forward to meeting the continuing threat posed by criminals, malicious actors, and adversaries in cyberspace. My Administration is marshalling a whole-of-nation effort to confront cyber threats,” he continued.
Classroom cyber security bill details
In 2019, this bill was introduced by US Senator Gary Peters, with co-sponsor Senators Jacky Rosen, Rick Scott and Bill Cassidy. Rosen chose to support the bill after a ransomware attack on her state’s Clark County School District. According to Rosen, Nevada and other US states are becoming routine targets of ransomware and other cyber attacks. As noted previously, these attacks can result in undue and harmful exposure of personal information belonging to students, faculty and staff members.
Rosen says that she is proud to see the bi-partisan legislation turned into a law. She believes that the Cybersecurity Act will help empower school systems and prevent debilitating ransomware attacks.
Although experts contend that the bill appears relatively simple, some see it as a major win for school districts that lack the capacity to otherwise contend with a wide array of cyber security issues. The law is expected to help districts upgrade cyber security strategies and to remain competitive in the new cyber age.
Expert opinions on the bill…
According to experts, the law will function to raise awareness around protecting students online and it will provide improved guidance and resources for school security managers. Nonetheless, implementing a barrage of new cyber security changes may prove challenging. The majority of school districts do not have the infrastructure in place to deal with digital identities.
According to the CTO of the education security platform Identity Automation, “It’s going to be almost a year before districts have something tangible to help them improve their cyber security approach.” 
Other experts contend that the law will enable poorly funded schools to obtain cyber security consulting or to otherwise obtain the cyber security assistance that they need. Funding-strapped schools often lack an understanding of how to provide classroom security in the cyber environment and official laws can help educate the educators and standardize new cyber security initiatives. And others yet argue that the law falls short of school security services needs.
For more insights into preventing ransomware in schools, click here. Lastly, to get cutting-edge insights, analysis and resources in your inbox each week, sign up for the Cyber Talk newsletter.
