The Kansas State Department of Education (KSDE) is partnering with Kansas school districts to develop cybersecurity guidance and recommendations that can help schools from becoming targets for cyberattacks.
A survey was sent to all 286 public accredited districts, and 147 districts responded.
The results showed that many school districts haven’t implemented basic IT security controls. 58% don’t require security awareness training, and 63% don’t annually assess IT security risks.
Districts reported that staff-related issues, such as the inability to hire sufficient IT staff members and the inability to offer a competitive wage, were significant barriers.
The Legislative Division of Post Audit recommended that the Kansas Legislature consider directing KSDE to establish a set of minimum IT security standards for school districts.
KSDE began collaborating with districts and developed the publication, “Cybersecurity Guidance and Recommendations for Kansas School Districts.” A K-12 Technology Council is being formed and will be chaired by IT directors who can help provide professional development to all district technology staff members.
KSDE also has developed a security policy template and an example of an acceptable use template. The agency also is developing IT security and data privacy training that will be available to Kansas districts and is in the process of creating a KSDE K-12 Technology webpage.