Practice and Provide Training on Good Cyber Hygiene While cybersecurity threats are complex and wide-ranging, there are relatively simple actions that every K–12 organization can take to significantly reduce the risk of a damaging intrusion. This includes recognizing and reporting phishing attempts, using strong passwords, turning on multifactor authentication, and keeping software updated. Each of these fundamental, lowcost steps can significantly minimize exposure to common cyberattacks. Schools should also consider creating an education and awareness program to train staff at all levels on these and other actions that can reduce cybersecurity risk.
Establish and Exercise a Cyber Incident Response Plan Similar to planning for physical or natural emergencies, schools should develop a cyber incident response plan outlining what should be done before, during, and after a cyber incident. Cyber incident response plans may include information about key roles and responsibilities, how a cyber incident may be declared, when to mobilize the incident response team, and plans to alert leadership and other important stakeholders should an incident occur. Schools should also consider integrating this plan into broader school or district emergency operations management efforts and test and exercise their plans regularly with key personnel to validate, update, and strengthen policies and procedures critical to managing an incident.
Stay Informed and Connect with K-12 Cyber Partners Situational awareness of the risk environment and access to timely resources can help K-12 organizations take strategic and cost-efficient actions to strengthen cybersecurity. Information sharing and analysis centers (ISACs), nonprofit organizations specific to the K-12 education sector, and public-private partnerships are often available to join at little to no cost and can provide information on evolving threats and tactics, high-impact actions or best practices, and opportunities to discuss specific challenges or approaches unique to school environments. K–12 organizations also should establish a relationship with their regional Cybersecurity and Infrastructure Security Agency (CISA) cybersecurity advisor and local Federal Bureau of Investigation (FBI) field office. These officials can provide cyber preparedness services and resources, as well as coordination and support during cyber disruptions or attacks.
Resource Links - See SchoolSafety.gov
