Mar 1, 2022
For context, we at the K12 Security Information Exchange (K12 SIX) are a relatively new K12-specific ISAC – launched to help protect the US K12 sector from emerging cybersecurity risk. One of our signature accomplishments in our first year was the development and release of our ‘essential protections’ series – an effort to establish baseline cybersecurity standards for schools. See: https://www.k12six.org/essential-cybersecurity-protections https://www.grf.org/
Global Resilience Federation
We will help your industry develop or enhance a trusted threat information sharing community, obtain actionable intelligence, and support you in emergencies.
We all count on the resiliency of essential services - services from the electricity powering our homes and the connectivity of entertainment apps, to the legal systems and financial pipelines driving the global economy. But this infrastructure faces constant threats from hacktivists, criminals, and rogue states, and they are growing in sophistication.
Leveraging nearly 20 years of ISAC and ISAO expertise, GRF is a non-profit created to connect sharing communities, for mutual defense.
https://theconversation.com/cybercriminals-use-pandemic-to-attack-schools-and-colleges-167619
https://edscoop.com/texas-school-paid-547k-ransomware-jam/
https://statescoop.com/ransomware-allen-texas-school-district-email-parents/
https://www.toptal.com/insights/innovation/cybersecurity-in-higher-education
https://www.cnn.com/2022/01/07/politics/ransomware-schools-website/index.html
2020 report: https://k12cybersecure.com/wp-content/uploads/2021/03/StateofK12Cybersecurity-2020.pdf
85-89% are underneath 2,500 students
Omg: https://www.edweek.org/leadership/education-statistics-facts-about-american-schools/2019/01
https://www.youtube.com/watch?v=otv0KzkfLSc –Florida mom, daughter accused of rigging homecoming queen votes break silence l GMA
There are 130,930 public and private K-12 schools in the U.S., according to 2017-18 data from the National Center for Education Statistics (NCES). Here’s how they break down:
What are some of the ways you go about addressing the challenge of even reaching smaller schools? Does the isac help?
How do you communicate major security events like log4j? Do you keep track of complications with certain software stacks?
Someone listening might say “hey, I’d love to help…” what/if any opportunities can the larger infosec community do to help your org?