This week the Government Accountability Office published a report on their audit of federal programs to ensure the safety and security of K-12 educational institutions. They found that the most recent guidance from the Department of Education dates back to 2010 and that guidance minimizes the importance of cybersecurity in the protection of K-12 education facilities. The report makes two recommendations:
• The Secretary of Education should initiate a meeting with the Director of CISA to determine how to update its sector-specific plan (SSP) for the Education subsector. The plan should assess and prioritize federal actions to assist K-12 schools in protecting themselves from cyberattacks.
• The Secretary of Education should
make a determination, in consultation with the Director of CISA and based on
current cybersecurity risks, on whether subsector-specific guidance is needed
for the Education subsector.
No comments:
Post a Comment