Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices.
Recent attacks reveal that K-12 schools and libraries are prime targets for cyber actors. Ransomware attacks have had dire consequences and highlighted the need for such institutions to strengthen their cybersecurity posture and reduce risk. Increased attacks against schools have resulted in financial losses, sharing of sensitive data and loss of learning time. Additionally, attacks against libraries have resulted in sharing sensitive data and losing vital services, with recovery taking weeks to months.
Despite these attacks, cybersecurity is often a challenge for these institutions due to underfunding, limited financial and staffing resources, and competing priorities. This often results in schools and libraries taking a reactive vs. proactive approach to cybersecurity, with cyber resilience becoming a secondary focus. By taking advantage of the FCC's new $200 million Cybersecurity Pilot Program, these establishments can access resources to help protect themselves against these growing threats and ensure the safety of their digital environments.
What can schools and libraries do to reduce cyber risk?
The FCC recently announced cybersecurity funding for K-12 schools and libraries. The program will enable eligible schools and libraries to request funding for cybersecurity services and equipment. The application window is expected to open in the Fall of 2024. More information about the program can be found on the FCC Cybersecurity Pilot Program webpage.
The details:
- Funding Amount: $200 million in Universal Service Funds available to eligible schools and libraries for eligible cybersecurity services and equipment.
- Timeframe: Three (3) years
- Eligible Recipients: Public and non-profit private schools (K-12), libraries, and groups of schools and libraries (e.g., consortia, districts, systems) that meet the E-Rate program’s eligibility requirements.
- Awards: Eligible schools selected for the Pilot Program may receive a minimum budget of $15,000 and a maximum budget of $1.5 million. Eligible libraries selected for the Pilot Program may receive up to $175,000. Participants may seek reimbursement for Pilot Program expenses as they are incurred, as long as the total amount of funding does not exceed the total amount awarded for the three-year term.
- Services/equipment covered: Eligible services and equipment include vulnerability management, identity protection and authentication; monitoring, detection, and response; endpoint protection; and advanced/next-generation firewalls. Here’s a detailed list of eligible services and equipment.
- Has something similar been done before? The Pilot will operate similarly to the E-Rate program which provides discounts for telecom and internet services for schools and libraries.
Specifics on the application process
The application form is divided into two parts. Part one will be open to all eligible schools and libraries, and applicants will be required to submit the first part of FCC Form 484, titled “Schools and Libraries Cybersecurity Pilot Program Application.” This form will be available and submitted online through the pilot portal on the USAC website once the application window opens in the fall.
The second part of the FCC Form 484 application is only for applicants selected for the program. Information about the application process and requirements can be found on the FCC Cybersecurity Pilot Program webpage. Applicants can now begin to prepare for the application window opening up in the fall by completing pre-application steps found in the FCC program application guide.
Cybersecurity Pilot Program requirements
As required by the FCC, to apply for funding schools and libraries will need to submit a plan that shows how funding will be used to address cybersecurity needs and reduce cyber risk. The project plan should identify cybersecurity goals, outline steps to achieving them, and include evaluation metrics.
Tenable is uniquely positioned to help schools and libraries reduce cyber risk through the Tenable One Exposure Management Platform. As the only end-to-end exposure management platform, Tenable One radically unifies security visibility, insight and action across the attack surface. Using Tenable One, schools and libraries can take a proactive stance towards cybersecurity and address critical concerns, such as protecting against ransomware.
With diverse IT environments and many users in their directory, Tenable one helps schools gain full visibility into their entire infrastructure and address privilege solutions such as Active Directory.
As schools and libraries face staffing and resource constraints, Tenable One enables them to prioritize effectively, by anticipating threats and focusing efforts to prevent likely attacks. Using insights from the platform, schools and library leaders can accurately communicate cyber risk, measure progress over time, and communicate results to stakeholders such as the board, state, or auditors.
Tenable One allows you to:
- Gain a unified view of cyber risk across your attack surface, exposing the gaps that leave you vulnerable to attack across all types of assets and pathways, spanning IT, OT and IoT assets, cloud resources, containers, web apps, identity access and privilege solutions, and more.
- Analyze cyber risk and insights from across the attack surface as one, connecting dots to identify the true exposures threatening your school or library, reputation and trust.
- Communicate risk posture to stakeholders in order to make informed decisions and mobilize resources to find and fix exposures with the highest likelihood of attack and disruption to your school or library.