10 Resources for schools to address cyber-physical threats
K-12 school districts face various challenges ranging from classroom sizes to natural hazards, safety risks, and security threats. On top of all the challenges that schools face, multiple agencies have also reported increased cyberattacks against K-12 educational institutions.
In 2020, there were more than 400 cyberattacks on schools, according to a report by the K-12 Cybersecurity Resource Center, an organization that records cyberattacks on US schools. However, experts believe that this number is a massive undercount.
While detecting, preventing, and responding to physical acts of violence remains a high priority, the increase of cyberattacks aimed at schools requires that school leaders prioritize cyber-physical security.
Here are twelve education-appropriate resources that school leaders can use for guidance to optimize their cyber-physical security posture:
1-CISA Online Training (Toolkit)
CISA’s cybersecurity awareness program for parents and educators is a great resource that explains how schools can integrate cyber education into their classrooms through the Cyber Security Awareness Volunteer Education (C-SAVE) program’s scenario-based curriculum for K-12 students.
Additionally, schools can request an Internet safety presentation through Project iGuardian, an initiative that provides children, parents, and teachers with information regarding the potential dangers of online environments and how to stay safe online.
Access CISA Online Training Toolkit
2-Center for Internet Security (Case Study)
The Center for Internet Security is a community-driven nonprofit, responsible for the CIS Controls and CIS Benchmark, globally recognized best practices for securing IT systems and data.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal (SLTT) governments. Membership is open to all K-12 public schools in the U.S.
Review the Center for Internet Security resources
3-Office of Educational Technology (Resources)
The Office of Educational Technology provides openly licensed educational resources that reside in the public domain or have been released under a license that permits their free use, reuse, modification, and sharing with others.
Digital openly licensed resources include complete online courses, modular digital textbooks as well as more granular resources. Essentially, this organization makes it easier for education stakeholders, such as LEAs, SEAs, IHEs, teachers, students, and others to benefit from Department funded learning materials.
Review the Office of Educational Technology resources
4-K-12 Cybersecurity learning standards (Case study)
The K-12 Cybersecurity Learning Standards have been designed with usability in mind. CYBER.ORG has designed the standards to be comprehensive, easy to use, and easy to find. States, districts, and all educators will be able to use the standards. They are available for wholesale adoption and are available for districts and educators to incorporate into existing curricula opportunities or course standards.
Review the K-12 Cybersecurity learning standards.
5-National Institute of Standards and Technology (Framework)
The National K12 Cybersecurity Education Roadmap provides strategies for increasing the quantity, quality, and diversity of students pursuing cybersecurity careers. The Roadmap outlines five major elements:
- Increase Cybersecurity Career Awareness
- Engage Students Where Disciplines Converge
- Stimulate Innovative Educational Approaches
- Promote Cybersecurity Career Pathways
- Prioritize Research.
Access NIST Roadmap for K-12 Cybersecurity Education
6-Setting a national standard for K-12 cybersecurity (Article)
This article covers how schools have become prime targets for cybercrime and effective best practices to mitigate risks. The article also covers how schools can approach the improvement of cybersecurity capabilities in phases, using a risk-based approach to account for the unique scenarios they may face.
The writer uses the CISA model to explain how school leaders can establish district-based cybersecurity leadership by focusing on three main components:
- Prevention and detection: Create active, uninterrupted barriers of protection aligned with the district’s digitalization strategy to help address cyber threats.
- Response: Mitigate or act quickly upon detecting cyber threats.
- Resiliency: Successfully recovering in a timely fashion in case detection and response are rendered insufficient when mitigating threats.
Read: Setting a national standard for K-12 cybersecurity
7-Tips to improve your school’s security posture (Article)
With so many resources, recommendations, and questions directed at school leaders, they can easily find themselves overwhelmed when addressing their school’s physical security challenges.
This article explains the challenges that school administrators have when it comes to managing their physical security systems.
The article makes the point that while each school is unique, and there is no standardized checklist for schools to follow, a systems-based approach is an effective way for schools to evaluate their challenges from the ground level.
Read: Effective tips for K-12 Schools to improve their physical security posture
8-K-12 School Security Practices Guide
This document provides action-oriented security best practices and options for consideration primarily to K-12 schools. It does a good job of outlining preventive and protective measures to address the threat of gun violence in schools.
The options for consideration expressed in this guide are based on outreach to K-12 schools, and security assessments conducted by the U.S. Department of Homeland Security. Along with prevention and protection guidance, the document provides insights into core capabilities including security plans, mitigation, response, and recovery efforts.
Review: K–12 School Security Guide (2nd Edition) and School Security Survey
9-Adopting a Systems Approach to School Physical Security
This report provides enhanced tools for kindergarten-through–12th grade (K–12) schools and school systems to improve school safety. This report provides an overview of approaches to physical security planning from a wide variety of disciplines to build a systems approach to thinking about school physical security that also accounts for the effects that security measures can have on school climate and on other important elements that affect schools’ ability to achieve their broader educational mission.
This report provides enhanced tools for kindergarten-through–12th grade (K–12) schools and school systems to improve school safety. This report provides an overview of approaches to physical security planning from a wide variety of disciplines to build a systems approach to thinking about school physical security that also accounts for the effects that security measures can have on school climate and on other important elements that affect schools’ ability to achieve their broader educational mission.
- Elements of prevention and response and recovery.
- Protection and risk mitigation extend beyond the physical security space to affect and interact with important elements of school violence prevention, such as student mental health and school climate, as well as emergency response and recovery efforts.
Read: A Systems Approach to Physical Security in K–12 Schools
10-SiteOwl Lifecycle management platform (Case Study)
Coordinating and managing security systems seamlessly is a top priority for every school. SiteOwl is the world’s first unified digital platform enabling security integrators and system managers to design, install, and manage their systems on a cloud-based platform.
With SiteOwl school system managers can consolidate, track, and manage all system devices across multiple campuses from a single interface. For example, with SiteOwl, a large school district in Texas was able to streamline its security system and quickly add security devices and update floor plans at more than 60 schools in less than 4 days.
Review: SiteOwl’s K-12 Case Study
Conclusion
In this digital-first world, schools must evaluate if the security measures they have in place are sufficient to address standard school safety and security risks as well as cyber-physical threats.
The challenge for schools is that while students use various internet-connected devices for in-person and remote learning, these same devices can also serve as points of entry for cybercriminals leading to system disruptions or worse.
The bottom line is that Schools want to get the most out of their security investment. However, because schools use a wide variety of security technologies, each with its purpose and reporting mechanism, it can be difficult for school officials to track and manage all system devices across multiple locations.
At SiteOwl, we are on a mission to empower schools and system owners with the tools they need to provide safe environments for students and staff.
Su Subburaj
Su is SiteOwl's CMO and leads all marketing and communications. Su has extensive strategy and management consulting experience and previously consulted for 3Sixty Integrated where she gained an in-depth understanding of digital transformation challenges in the physical security industry. When not working on strategies to expand SiteOwl's footprint, Su enjoys bad karaoke, weightlifting and traveling.