Federal agencies should do a better job coordinating the growing issue of school cybersecurity, the US Government Accountability Office said in a report Monday.
Primary schools face a range of cyber security threats from actors motivated by the promise of financial gain, the desire to steal data or simply to be disruptive, the report says.
As of 2018, schools in most states have reported cyberattacks on their systems, with COVID-19-related remote learning protocols increasing their potential. Cyber threats have escalated over time, becoming “more sophisticated and pervasive,” the report said.
However, the exact extent of the cyber incidents’ impact on K-12 is unknown, in part because there are no federal requirements for school districts to report incidents to federal authorities, the report said.
It says that while the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency provides a variety of cybersecurity products and services to K-12 school districts, there are no formal channels for how agencies coordinate with each other or with schools to address the problem.
The report’s recommendations include that the Minister for Education, in consultation with CISA, establish collaborative mechanisms to coordinate cyber security efforts; develop metrics to obtain feedback to measure the effectiveness of cybersecurity-related products and services; and coordinate how best to help school districts address the problem.