On Oct. 8, President Joe Biden signed the bipartisan K-12 Cybersecurity Act of 2021 into law to provide school districts with resources to combat and protect themselves against cyberattacks.
The global pandemic has impacted an entire generation of students and educators and underscores the importance of safeguarding their personal information. The act responds to growing data security incidents affecting K-12 schools in recent years, including a dramatic rise in ransomware and other forms of malware.
“This law highlights the significance of protecting the sensitive information maintained by schools across the country, and my administration looks forward to providing important tools and guidance to help secure our school’s information systems,” Biden said in a White House press release.
The Cybersecurity and Infrastructure Security Agency (CISA) will spend the next several months researching the risks and vulnerabilities of K-12 school districts as the education sector continues to face an onslaught of ransomware attacks.
The legislation authorizes the CISA director to study the specific risks impacting K-12 institutions within 120 days. The director then has 60 days to develop recommendations for cybersecurity guidelines for K-12 schools and then another 120 days to create an online toolkit school districts can use to implement those strategies and recommendations.
“This law is an important step forward to meeting the continuing threat posed by criminals, malicious actors, and adversaries in cyberspace,” Biden said.