WASHINGTON, D.C. – U.S. Senator Gary Peters (MI), Chairman of the Senate Homeland Security and Governmental Affairs Committee, reintroduced bipartisan legislation to implement stronger cybersecurity protections for K-12 educational institutions across the country. Schools are responsible for securing a considerable amount of sensitive records related to their students and employees, including student grades, family records, medical histories, and employment information. The bill, which Peters previously introduced in the 116th Congress, will help educational institutions bolster their cybersecurity protections by instructing the Department of Homeland Security (DHS) to examine the risks and challenges that schools face in securing their systems. DHS would also be charged with creating cybersecurity recommendations and other voluntary resources for schools to use when implementing their cybersecurity solutions. U.S. Senator Rick Scott (R-FL) joined Peters to reintroduce the bill.
“Our nation’s K-12 schools are increasingly becoming targets for ransomware and other cyber-attacks because they store personal records related to their students, faculty and staff. Unfortunately, many school districts don’t have the all the necessary expertise or resources to protect this data and address these sophisticated attacks,” said Senator Peters. “This commonsense, bipartisan legislation will help ensure the federal government is providing schools and administrators with the information and tools they need to secure their networks and block bad actors from stealing sensitive personal information.”
Cyber-attacks on schools increased over the past year as Americans’ daily lives and classrooms moved online during the pandemic, including attacks against schools in Michigan. In one attack on Walled Lake Consolidated Schools, hackers successfully accessed records and posted information online. In 2018, Johannesburg-Lewiston Area Schools in Michigan were targeted by a malicious ransomware attack that temporarily shut down the district’s systems.
The K-12 Cybersecurity Act directs DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to work with teachers, school administrators, other federal departments and private sector organizations to complete a study of cybersecurity risks specific to K-12 educational institutions, including risks related to securing sensitive student and employee records and challenges related to remote-learning. Following the completion of that study, the bill directs CISA to develop cybersecurity recommendations and an online toolkit to help schools improve their cybersecurity hygiene. These voluntary tools would be made available on the DHS website along with other DHS school safety information.
The K-12 Cybersecurity Act has been endorsed by the Michigan Association for Computer Users in Learning, Consortium for School Networking, School Superintendents Association, National Association of Secondary School Principals and the American Federation of Teachers.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to bolster our nation’s cybersecurity defenses. As a part of the American Rescue Plan Act, Peters helped secure and enact nearly $2 billion to modernize and secure information systems critical to the federal pandemic response. The Senate, last month, also passed his provision to help protect our nation’s public water infrastructure technology systems, following recent attacks on water utilities. Peters also recently introduced bipartisan legislation to provide additional resources and better coordination for serious cyber-attacks against public and private networks. He has also convened two hearings with top federal cybersecurity officials to discuss recent breaches and attacks against American systems.
###
