The K12 Security Information Exchange (K12 SIX) are a relatively new K12-specific ISAC – launched to help protect the US K12 sector from emerging cybersecurity risk. One of our signature accomplishments in our first year was the development and release of our ‘essential protections’ series – an effort to establish baseline cybersecurity standards for schools. See: https://www.k12six.org/essential-cybersecurity-protections

https://www.grf.org/

Global Resilience Federation

We will help your industry develop or enhance a trusted threat information sharing community, obtain actionable intelligence, and support you in emergencies.

We all count on the resiliency of essential services - services from the electricity powering our homes and the connectivity of entertainment apps, to the legal systems and financial pipelines driving the global economy. But this infrastructure faces constant threats from hacktivists, criminals, and rogue states, and they are growing in sophistication.

Leveraging nearly 20 years of ISAC and ISAO expertise, GRF is a non-profit created to connect sharing communities, for mutual defense.  

https://static1.squarespace.com/static/5e441b46adfb340b05008fe7/t/611d5fceff375d79ff4507c7/1629315022292/K12+SIX+Essential+Cybersecurity+Protections+2021+2022.pdf

https://theconversation.com/cybercriminals-use-pandemic-to-attack-schools-and-colleges-167619

https://edscoop.com/texas-school-paid-547k-ransomware-jam/ 

https://statescoop.com/ransomware-allen-texas-school-district-email-parents/ 

https://www.toptal.com/insights/innovation/cybersecurity-in-higher-education

https://www.highereddive.com/spons/inside-higher-educations-ransomware-crisis-how-colleges-and-universities/609688/

https://www.cnn.com/2022/01/07/politics/ransomware-schools-website/index.html

https://www.13abc.com/2021/02/22/toledo-public-school-students-seeing-effects-of-massive-data-breach/

2020 report: https://k12cybersecure.com/wp-content/uploads/2021/03/StateofK12Cybersecurity-2020.pdf

85-89% of school systems have 2,500 students or fewer

Omg: https://www.edweek.org/leadership/education-statistics-facts-about-american-schools/2019/01

https://www.youtube.com/watch?v=otv0KzkfLSc –Florida mom, daughter accused of rigging homecoming queen votes break silence

There are 130,930 public and private K-12 schools in the U.S., according to 2017-18 data from the National Center for Education Statistics (NCES). Here’s how they break down:

• All: 130,930
• Elementary schools: 87,498
• Secondary schools: 26,727
• Combined schools: 15,804
• Other: 901

What are some of the ways you go about addressing the challenge of even reaching smaller schools? Does the isac help?

How do you communicate major security events like log4j? Do you keep track of complications with certain software stacks?

Someone listening might say “hey, I’d love to help…” what/if any opportunities can the larger infosec community do to help your org?