Work with other information-sharing organizations, such as fusion centers, state school safety centers, other state and regional agencies, and associations.Join relevant collaboration groups, such as MS-ISAC and K12 SIX.CISA recommends that K-12 organizations take these key steps: Situational awareness of changes in the risk environment is critical to ensure that resources are allocated to the most effective security mitigations and controls. K-12 entities struggle to fund cybersecurity resources while combating continuous threats. Focus on collaboration and information sharing. Minimize the burden of security by migrating IT services to more secure cloud versions.ģ.Expect and call for technology providers to enable strong security controls by default for no additional charge.Utilize free or low-cost services to make near-term improvements in resource-constrained environments.Work with the state planning committee to leverage the State and Local Cybersecurity Grant Program (SLCGP).This resource shortfall is a major constraint to implementing effective cybersecurity programs across all K-12 entities. There is a clear need for increased cybersecurity budgeting and support mechanisms across the community. Most school districts are doing a lot with a little. Recognize and actively address resource constraints. Over the long-term, K-12 entities should mature to build an enterprise cybersecurity plan that leverages the NIST Cybersecurity Framework (CSF).Ģ. In the near-term, K–12 entities should progress to adopting further investments in alignment with the full list of CISA’s Cybersecurity Performance Goals (CPGs). Implement a strong cybersecurity training program.Regularly exercise an incident response plan.Mitigate known exploited vulnerabilities.Deploy multi-factor authentication (MFA).Begin with a small number of prioritized investments: In an environment of limited resources, leaders should leverage security investments to focus on the most impactful steps. Invest in the most impactful security measures and build toward a mature cybersecurity plan.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |