"As the back-to-school season comes to an end, the stakes are higher than ever for K-12 cybersecurity leaders. The start of a new school year always comes with significant change management - new systems being implemented, new student accounts being created, and new lesson plans being developed leaving staff more overwhelmed and distracted. Attackers know this and take advantage."
"CISA 2015 provided K-12 schools with indemnity through a safe way to share and receive cybersecurity training and insights without legal risk. Given many schools don't have the resources to have cybersecurity experts on staff, IT teams are often left in charge of cybersecurity protections. These teams relied on the crowdsourced infrastructure afforded by CISA 2015 for guidance on identifying, responding to, and remediating threats effectively. Without it, we'll likely see schools revert to overly restrictive data sharing practices, like data isolation, network restrictions, or a reduction in vendor partnerships."
"Ultimately, this signals an important shift in governmental cybersecurity frameworks from the top down. In lieu of the re-authorization of the Act, there are pivotal measures that need to be taken across state and local governments to implement new structures of ensuring the safety of our students, teachers, and their data."
Back-to-school periods increase K-12 cybersecurity risk due to new systems, accounts, and distracted staff, creating opportunities attackers exploit. The Cybersecurity Information Sharing Act of 2015 (CISA 2015) expired on Sept. 30, removing legal protections that enabled safe, indemnified sharing of cybersecurity training and threat intelligence. Many schools lack on-staff cybersecurity experts and relied on crowdsourced intelligence through CISA 2015 for threat identification, response, and remediation. Loss of those protections may drive schools toward data isolation, stricter network restrictions, and reduced vendor partnerships. State and local governments must develop new structures and measures to protect students, teachers, and their data.
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]