Loyal readers may notice that the weekly round-up of news stories and commentary – A Thinking Person’s Guide to EdTech News – has been on a hiatus for a few weeks. I have been working on a new and eye-opening research project.
Posts in category Privacy
If there is an Achilles’ heel to a future of robust personalized learning for all K-12 students, it is the uneven attention to the cybersecurity risks facing school information technology assets and data. In this post, I offer emerging lessons about real and perceived information security issues facing schools from the data underlying the K-12 Cyber Incident Map.
Earlier this week, an unknown person or persons launched a short-lived, but clever cyber attack against Google Docs’ users. While apparently not targeted toward schools, it very quickly found its way to K-12 classrooms nationwide, resulting in alarm and confusion. Based on my investigation of the exploit, here are the three lessons I believe those of us in K-12 education should take from this incident.
Today, I am pleased to introduce and launch the “K-12 Cyber Incident Map.” It is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present. Painstakingly assembled from public reports, it was created to begin to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts, as well as to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
It is time to reboot the social contract for public education in a digital age. At the same time, we must remain clear-eyed and recognize the ways in which technology also introduces new issues and potential threats. What we need are terms of service that provide every student and their family assurances that their interests remain at the fore.
Select state government audits of school district IT security procedures find a concerning state of affairs. State departments of education should adopt and promulgate digital security expectations and best practices for schools, provide technical assistance and resources to districts to support implementation, and conduct regular audits to ensure compliance.