President Biden on Friday signed into law legislation intended to strengthen the cybersecurity of K-12 institutions after a year in which cyberattacks aimed at schools spiked as classes moved online during the COVID-19 pandemic.
The K-12 Cybersecurity Act requires the Cybersecurity and Infrastructure Security Agency (CISA) to create cybersecurity recommendations and tools for schools to use to defend themselves against hackers after conducting a study on the cybersecurity risks facing K-12 institutions.
The bipartisan bill, approved by the House late last month following passage by the Senate, is sponsored by Senate Homeland Security and Governmental Affairs Committee Chairman Gary PetersGary PetersSinema fundraising in Europe as reconciliation talks 'ongoing': report Hillicon Valley — Presented by LookingGlass — Congress looks to strengthen government's aging cyber infrastructure Peters presses TikTok on how company addresses conspiracy, extremist content MORE (D-Mich.) and Sens. Rick Scott (R-Fla.), Jacky RosenJacklyn (Jacky) Sheryl RosenHillicon Valley — Presented by American Edge Project — Americans blame politicians, social media for spread of misinformation: poll Biden signs bill to strengthen K-12 school cybersecurity It's time to lower the cost of prescription drugs — my plan for nonprofit manufacturers would be a step forward MORE (D-Nev.) and Bill CassidyBill CassidyHillicon Valley — Presented by American Edge Project — Americans blame politicians, social media for spread of misinformation: poll Biden signs bill to strengthen K-12 school cybersecurity Senators gear up for bipartisan grilling of Facebook execs MORE (R-La.).
Rep. Jim LangevinJames (Jim) R. LangevinHillicon Valley — Presented by American Edge Project — Americans blame politicians, social media for spread of misinformation: poll Democrats urge federal agencies to address use of cryptocurrencies for ransomware payments Biden signs bill to strengthen K-12 school cybersecurity MORE (D-R.I.) primarily sponsored the bill in the House, with Reps. Doris MatsuiDoris Okada MatsuiOvernight Health Care — Presented by The National Council for Mental Wellbeing — FDA panel advises Moderna booster shot for high-risk people Hillicon Valley — Presented by American Edge Project — Americans blame politicians, social media for spread of misinformation: poll Biden signs bill to strengthen K-12 school cybersecurity MORE (D-Calif.), Andrew Garbarino (R-N.Y.), Andrew Clyde (R-Ga.) and Elissa SlotkinElissa SlotkinDemocrats fret as longshot candidates pull money, attention Bleak midterm outlook shadows bitter Democratic battle Hillicon Valley — Presented by American Edge Project — Americans blame politicians, social media for spread of misinformation: poll MORE (D-Mich.) as co-sponsors.
Slotkin, who attended the bill signing at the White House, pointed to other major cybersecurity incidents, such as ransomware attacks on Colonial Pipeline and meat producer JBS USA and nation-state attacks like the SolarWinds hack, as highlighting mounting cyber threats.
“The real-world consequences of cyber attacks have hit home with Americans across the country over the last year,” Slotkin said in a statement. “From the attacks directed at SolarWinds, the Colonial Pipeline, JBS USA and even EA video games, folks are beginning to realize that cybersecurity isn’t just a tech issue — it goes to the heart of the systems we rely on in our daily lives.”
“Our schools aren’t exempt from this emerging threat; in fact, they’re prime targets,” she said. “Our bill lays the groundwork for better cybersecurity policies in our schools and stronger coordination between them and the experts at CISA. This is an important first step, and I’m grateful to the President for helping us begin to address this challenge.”
Peters and Rosen were also present at the bill signing.
Cybersecurity threats for K-12 institutions have multiplied during the pandemic, as classes were forced online to platforms vulnerable to exploitation and hacking. As a result, many districts were forced to delay or cancel classes at various times in the past year due to cyberattacks, in particular ransomware attacks, including school districts in Miami-Dade County, Fla.; Baltimore County, Md.; and Fairfax County, Va.
The K-12 Cybersecurity Resource Center released a report earlier this year that found K-12 institutions in the U.S. experienced a “record-breaking” number of cyberattacks in 2020, with an average of two attacks per day aimed at schools.
“While no one can predict whether another global pandemic will close schools to in-person learning, important lessons can and should be drawn from this experience to ensure that if such an event (or something like it) occurs again in the future, districts are better prepared,” the report read.