Improving K-12 Cybersecurity: First Steps

Attacks against K-12 schools and districts have disrupted and closed schools, exposed sensitive data of students, their families, teachers, and administrators, and cost millions of taxpayer dollars. Last year, the White House convened a Summit on K-12 Cybersecurity. Building on that event, the White House Office of the National Cyber Director (ONCD) has launched an initiative to help K-12 school and district administrators understand the resources available to help them combat emerging cyber threats.

While each State, region, district, and school address cybersecurity in their own way, ONCD has identified protective domain name service (PDNS) as a common solution that all schools and districts should utilize.

WHAT IS PROTECTIVE DOMAIN NAME SERVICE (PDNS)?

PDNS helps prevent ransomware and other cyber attacks by preventing computer systems from connecting to harmful websites and other dangerous areas of the internet without the user having to take any action. It stops attacks before they happen. Most importantly, it is very easy to set up, and there is virtually nothing a user or organization has to do after setup. The PDNS provider updates the list of malicious domains that are being blocked on behalf of the customer behind the scenes. PDNS doesn’t generate an alert a school system needs to follow up on – it prevents a bad connection from ever being made, stopping attacks before they happen. Unlike some other solutions in cybersecurity, there are no complicated passwords to remember or menu options to configure.

HOW DO SCHOOLS SIGN UP FOR PDNS?

There are a variety of technology companies and other service providers that can provide PDNS to schools. One provider is the Federal government-funded Multi-State Information Sharing and Analysis Center (MS-ISAC), which offers PDNS to schools for no-cost. The MS-ISAC calls its PDNS service Malicious Domain Blocking and Reporting (MDBR).

Some State governments and regional Educational Service Agencies also offer PDNS to schools within their regions. There are also technology companies that offer PDNS, some of whom do not charge certain K-12 schools for the service.

WHAT ELSE SHOULD SCHOOLS DO?

While signing up for PDNS is a best practice for schools and districts, there are several other necessary steps to protect school data and systems on which students, teachers, staff, and administrators rely. Thankfully, there are government organizations like the Cybersecurity and Infrastructure Security Agency (CISA) who have regional cybersecurity advisors that can help. The MS-ISAC also provides resources to help schools improve their cybersecurity plans and mature their defenses.

Stay Connected

Sign Up

We'll be in touch with the latest information on how President Biden and his administration are working for the American people, as well as ways you can get involved and help our country build back better.

Opt in to send and receive text messages from President Biden.

Scroll to Top Scroll to Top
Top