Cybersecurity is challenging schools, but ESSER funding can help

Even before COVID-19, cyberattacks against K-12 school systems were on the rise. The shift to remote learning during the pandemic created many new opportunities for cyber criminals, causing a significant increase in security breaches and making protecting school networks even harder. Fortunately, schools can use some of the $190 billion in federal pandemic relief money designated for education to bolster their cyber defenses.

New security gaps create new security challenges

According to a report from the K-12 Cybersecurity Resource Center, last year was the worst yet for security breaches in K-12 schools, with more than 400 publicly disclosed incidents — up 18 percent from 2019. That’s an average of more than two successful cybersecurity attacks every school day.

K-12 IT networks became prime targets during the pandemic for DDoS, ransomware, email-based phishing and other cyberattacks for many reasons. One key reason is that many school districts rapidly adopted new technology tools and platforms to support remote learning without appropriately vetting them, which has provided cyber criminals with opportunities to infiltrate their networks via security gaps. Another is that many schools purchased and deployed new devices for students under very tight deadlines, and these network-connected mobile devices are sometimes unsecure and easily-corruptible, which can endanger the entire network by offering new vulnerabilities to bad actors.

A recent survey of K-12 chief technology officers (CTOs) by the Consortium for School Networking (CoSN) reveals that cybersecurity is a top technology priority for IT leaders. However, only 63 percent of CTOs have purchased security products and services such as DDoS protection, citing budget constraints as their biggest IT challenge.

How ESSER funding can help

While the pandemic has amplified the cybersecurity challenge for schools, it has also prompted lawmakers to offer more resources for addressing the problem. Since March 2020, federal lawmakers have passed three COVID-19 stimulus bills that together provide more than $190 billion in emergency relief aid for K-12 education — and improving cybersecurity is one way that school systems can use this money.

The U.S. Department of Education (USDOE) has created the Elementary and Secondary School Emergency Relief (ESSER) Fund to distribute the money to schools. According to a guidance document published by the USDOE in May 2021, if a school or district is improving cybersecurity “to better meet [the] needs of students related to preventing, preparing for or responding to COVID-19,” then it may use ESSER funds for this purpose.

For example, if a school system is capturing and analyzing student data to understand how much learning loss has occurred during the pandemic and to make decisions about the remediation students need to make up for lost instructional time, it could use ESSER funding for cybersecurity initiatives to keep that data secure.

K-12 school systems must take cybersecurity threats seriously, especially as they continue to rely more on technology for teaching, learning and school operations. The $190 billion in federal emergency relief aid for K-12 education provides a unique opportunity for schools to address the cybersecurity challenge head on.

Click here to learn how Spectrum Enterprise can help.