Schools Turn to Several Internal Partners for Cybersecurity Assistance
In addition to external partnerships, K–12 IT leaders can also look for guidance and support from within their own districts.
North Penn School District has relied on leadership to make sweeping cybersecurity changes in its district, such as implementing MFA.
“We have an ed tech team of union leadership … that will meet with us monthly or whenever there is something we need to discuss that needs to go out to the membership that we need their support on,” Landis explained. “We began talking about MFA in 2021-22. We actually didn’t implement it until the start of this past school year, so it was pretty much a yearlong conversation.”
The district’s tech team used the union leadership representatives to garner support for MFA, and it generated further acceptance of the new technology by introducing it to district administrators over the summer.
Other districts supported cybersecurity by forming their own committees. District leaders of Alabama’s Jefferson County Schools presented a session on Tuesday called “Curating Digital Resources: Our Journey Toward Strategically Supporting Instruction and Data Privacy,” in which they shared how they formed a digital resource committee to evaluate the privacy of technologies used in the district and also look at equity.
“The committee was really important to me because, in curriculum, we wanted to make sure that instruction was equitable across the district,” said Leslie Richards, Jefferson County Schools’ secondary director of curriculum, instruction and student support. “We knew that we had to be intentional and strategic about the choice of our resources to ensure that equity occurred in instruction.”
From a security standpoint, the committee evaluates requests from school staff to use new resources, such as applications for teaching and learning. Because the committee includes members of the technology, curriculum and federal programs teams as well as executive district leadership, it doesn’t require a dedicated security expert to make these evaluations. Instead, the school system uses its internal experts to evaluate privacy questions and learning standards through multiple lenses.
RELATED: Schools are taking steps to protect themselves from third-party risk.
Other schools, such as Ohio’s Lakota Local Schools, rely on a different internal resource to bolster cybersecurity: their students.
In the panel discussion Tuesday, Krueger mentioned Lakota’s Cyber Academy, which trains high school students in cybersecurity, allowing them to earn certifications and even secure jobs directly out of high school. On this track, if a student chooses to pursue higher education, he or she can earn college credits while working in the field.
An audience member mentioned that his district has a similar program. Luis Hernandez, CIO for Vista Charter Public Schools in Santa Ana, Calif., shared how his school also trains students to champion cybersecurity. “Our students are starting their cybersecurity exposure next year in elementary but currently in middle school.”
Hernandez mentioned that, for high school students, the school has a dual enrollment program with a local community college. “They have a really good cybersecurity program, with a high transfer rate to four-year colleges and a high certification rate.”
Regardless of where K–12 schools are in their cybersecurity journeys, IT professionals shouldn’t feel as though they’re traveling alone. There are partners who can help schools get started or maintain their security posture to keep students and their data safe.