TEA Cybersecurity Funding Available for Smaller Districts

From student and personnel records to vendor contracts, school districts are prime targets for cyber-attacks. In fact, reported attacks against the education sector increased by an astounding 225% between 2018 and 2021, according to the FBI Internet Complaint Center.

TASB Risk Management Fund members had an opportunity to survey the cybersecurity landscape for Texas school districts at a three-day conference in April that drew hundreds of Fund members from across the state.

The “School Cybersecurity Report Card” session — led by Lucas Anderson, privacy and cyber risk consultant for TASB Risk Management Services, and Todd Pauley, deputy chief information security officer for the Texas Education Agency — shared free and low-cost resources that can help strengthen cyber defenses, particularly in districts with enrollments of 15,000 students or fewer.

Anderson gave an overview of cyber threats districts face now, including phishing attacks, unsecured electronic records, fraudulent instruction, ransomware, and newer threats such as cryptojacking, which is malicious software that mines network resources to fuel the creation of digital currencies (cryptocurrencies). He told session attendees that the investment of time and resources into improving a district’s cybersecurity now will save money in the long term through the prevention of such attacks."You can go back to your district and save them tens of thousands of dollars tomorrow," Anderson said.

Pauley noted that the TEA recently created the K-12 Cybersecurity Initiative to provide solutions to help protect districts from major cyber incidents. The Texas Legislature appropriated $55 million to support grants to districts through the initiative.

Cybersecurity Initiative grants help smaller and rural districts implement fully managed endpoint detection and response (EDR) capabilities, which allows districts to monitor user devices such as students' and employees' laptops to detect cyber threats, said Pauley.

"It's not just the money saved,” Anderson said. "It's the reputational damage prevented and the protection of student data, which is the most critical thing that we are worried about."

More information about the K-12 Cybersecurity Initiative can be found on the TEA website. TEA suggests other free and low-cost cybersecurity resources available to school districts:

The Multi-State Information Sharing and Analysis Center® (MS-ISAC®) —A resource for cyber threat prevention, protection, response, and recovery for all U.S. State, Local, Tribal, and Territorial (SLTT) governments. Membership is free for public K-12 education entities. learn.cisecurity.org/ms-isac-registration

Malicious Domain Blocking and Reporting (MDBR) — A no-cost service available for MS-ISAC members that provides an additional layer of cybersecurity protection. MDBR technology prevents IT systems from connecting to harmful web domains, helping limit infections related to known malware, ransomware, phishing, and other cyber threats. mdbr.cisecurity.org/

Cybersecurity & Infrastructure Security Agency Regional Resources — Provides systems reviews and workshops on a number of cyber threats. cisa.gov

CyberPatriot - Created by the Air & Space Forces Association for K-12 students with a focus on careers in cybersecurity. uscyberpatriot.org