As students, educators, and families prepare for back-to-school, the U.S. Department of Education (Department) today announced key K-12 cybersecurity resilience efforts. These efforts include the upcoming establishment of a Government Coordinating Council (GCC), as well as the release of the Department’s three K-12 Digital Infrastructure briefs, including “K-12 Digital Infrastructure Brief: Defensible and Resilient", which was co-authored by the Cybersecurity and Infrastructure Security Agency (CISA). Together these efforts, along with a Back to School Safely: Cybersecurity Summit for K-12 Schools at the White House today, will unite leaders from the Biden-Harris Administration, education, industry, and advocacy groups to make advancements on a crucial issue in fortifying cybersecurity resilience in the K-12 education community. You can watch today’s White House event here.

“Let’s face it: in today’s digital age, our students and their teachers will increasingly use technology in the classroom. Schools have access to more devices and connectivity than ever before, and this technology in education has incredible potential to help students better connect with their learning and achieve, and teachers better engage with their students,” said U.S. Secretary of Education Miguel Cardona. “But to make the most of these benefits, we must effectively manage the risks. Just as we expect everyone in a school system to plan and prepare for physical risks, we must now also ensure everyone helps plan and prepare for digital risks in our schools and classrooms. The Department of Education has listened to the field about the importance of K-12 cybersecurity, and today we are coming together to recognize this and indicate our next steps.” 

Education infrastructure is undeniably critical infrastructure, and in the digital age, the need to prioritize cybersecurity has become more apparent than ever. Just as we work to provide physical infrastructure for our schools that is safe, healthy, and supportive for all students, the time has come to align resources towards creating a digital infrastructure that is equally safe, accessible, resilient, sustainable, and future-proof. 

The Government Coordinating Council will coordinate activities, policy, and communications between federal, state, local, tribal, and territorial governments that strengthen the cyber defenses and resilience of K-12 schools. By facilitating formal, ongoing collaboration between all levels of government and the education sector, the GCC will be a key first step in the Department’s strategy to protect schools and districts from cybersecurity threats and for supporting districts in preparing for, responding to, and recovering from cybersecurity attacks. This convening at the White House will play a pivotal role in defining the strategies and approaches required to achieve these crucial objectives. 

“Students across our country deserve to learn in an environment that is not only safe and secure physically, but also digitally. This means that schools need the best tools and information available to protect their networks and systems from the full range of cybersecurity threats,” said CISA Director Jen Easterly. “The product released today from the Department of Education and CISA provides school K-12 districts across our communities a starting place to understand the importance of securing our digital infrastructure, and provides steps schools can take today to keep their systems safe. CISA encourages all Administrators, school districts, and teachers to read through this helpful guide and take the recommended actions to reduce risk to the digital infrastructure our children use and rely on each and every day.” 

The White House’s Back to School Safely: Cybersecurity Summit for K-12 Schools will serve as an important platform to address the pressing challenges faced by educators, students, and families in the digital realm. Participants will discuss the key considerations outlined in the newly released publication by the Department's Office of Educational Technology and CISA titled "K-12 Digital Infrastructure Brief: Defensible and Resilient." Key considerations include: 

• Enhancing Continuous Risk Management: Addressing the ever-evolving threat landscape by adopting a proactive approach to managing cybersecurity risks. 
• Utilizing Analogies for Understanding: Leveraging lessons from physical world scenarios to comprehensively grasp and tackle cybersecurity challenges. 
• Prioritizing and Implementing Mitigation Strategies: Identifying the most critical risks and applying effective mitigations such as multi-factor authentication, robust password policies, phishing prevention, and regular software updates. 
• Building Resilience for Cyber Incidents: Developing and practicing cyber incident response plans to minimize the impact of potential cybersecurity breaches. 
• Vendor Engagement for Enhanced Security: Encouraging vendors to invest in secure design principles, obtain cyber risk assurance certifications, and establish security vulnerability disclosure practices. 

The additional two K-12 Digital Infrastructure briefs being released by the Department today include “Adequate and Future-Proof” and “Privacy-Enhancing, Interoperable and Useful.”

The White House’s Back to School Safely: Cybersecurity Summit for K-12 Schools represents a unique opportunity for collaboration, innovation, and partnership, aimed at safeguarding the digital infrastructure that supports our nation's schools. Together, we can create a more secure and resilient future for education in the United States. 

For more information, visit tech.ed.gov/infrastructure.