CISA releases advice on how to safeguard K–12 organizations

To help K–12 schools and school districts in their struggle against cybercrime, the Cybersecurity & Infrastructure Security Agency (CISA) has released the report Protecting Our Future: Partnering to Safeguard K–12 Organizations from Cybersecurity Threats.

A cybersecurity incident can significantly impact a school or district’s ability to carry out its educational mission. Late last year, CISA warned of ransomware particularly targeting the education sector, and less than two weeks ago we reported on multiple schools being hit by a ransomware attack.

This report gives insight into the particular threats the K–12 community is facing and offers actionable steps school leaders can take to strengthen their cybersecurity efforts.

1. Resource constraints

When resources are limited, it is important to make sure that the measures you choose to take are the most impactful ones. Important recommendations to that effect are:

  • Working with technology providers that offer low-cost services and products that are secure by design and default.
  • Urgently reducing the security burden by migrating to secure cloud environments and trusted managed services.

CISA also recommends starting with the security controls that have the highest priority, making sure you align near-term investments with pressing goals and compliance regulations. You should also have a long-term cybersecurity plan that leverages the NIST Cybersecurity Framework (CSF), a set of guidelines for mitigating organizational cybersecurity risks.

2. Security measures

Some examples of high-priority measures provided by CISA, which ring true for most organizations, are:

  • Deploying multifactor authentication (MFA)
  • Mitigating known exploited vulnerabilities
  • Implementing and testing backups
  • Regularly exercising an incident response plan
  • Implementing a strong cybersecurity training program

CISA recommends that K–12 organizations adopt its Cybersecurity Performance Goals (CPGs)—a set of cybersecurity practices that, when implemented, “can meaningfully reduce the likelihood and impact of known risks and adversary techniques”.

3. Help each other

Collaboration and information sharing are cost-effective, mutually beneficial ways to improve awareness of current threats and how to meet them. CISA provides these suggestions:

  • Join relevant information and threat intelligence collaboration groups, such as the MS-ISAC and K12 SIX.
  • Work with other information-sharing organizations, such as fusion centers, state school safety centers, other state and regional agencies, and associations.
  • Build a strong and enduring relationship with CISA and FBI regional cybersecurity personnel.


CISA has also published a toolkit that aligns resources and materials to each of its three recommendations, along with guidance on how stakeholders can implement each recommendation based on their current needs.


Many K–12 organizations operate their own IT systems, known as “on premises” systems. Such systems require time to patch, to monitor, and to respond to potential security events.

Malwarebytes can help K-12 organizations by combining these tasks and taking them to the cloud.
