On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center released a joint Ransomware Guide, which is a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack.
The STOP.THINK.CONNECT.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online.
The DHS Cybersecurity Education Training Assistance Program (CETAP) equips K-12 teachers with cybersecurity curricula and education tools. This resource includes project-driven Curricula (e.g., lesson plans, assessments); programs (e.g., hands-on cybersecurity learning activities for middle-school and high-school students); and Student Resources for students, parents, and activity leaders looking to enhance students’ awareness of STEM, computer science, and cyber topics.
Published in December 2020, this report by the Cybersecurity and Infrastructure Security Agency (CISA) details how cyber actors are targeting school computer systems, slowing access, and rendering the systems inaccessible to basic functions, including remote learning. In some instances, ransomware actors stole and threatened to leak confidential student data unless institutions paid a ransom.
Recommendations for schools as they use videoconferencing apps developed by the Cybersecurity & Infrastructure Security Agency (CISA).
COVID-19 has disrupted education and has forced schools to pivot quickly to a distance learning approach, which is often virtual. Using virtual learning products comes with concerns about student privacy, including for students receiving special education and related services. Federal privacy laws don’t explicitly address how to handle every situation, but concerns about privacy should not be a barrier to serving students as best as educators are able. This guide, developed by the National Center for Learning Disabilities and Future of Privacy Forum is designed to provide an overview of major relevant privacy laws and to help educators think through common scenarios that might present privacy concerns, particularly for students with disabilities.
A website that helps all education privacy stakeholders learn the basics, keep informed about the latest news, laws, and resources, and better communicate how to ensure education privacy while allowing for the good use of data and technology in education. It includes specific resource pages for K-12 officials, higher ed officials, parents, students, industry, and policymakers.
The National Data Privacy Agreement (NDPA) streamlines application contracting and sets common expectations between schools/districts and marketplace providers. The LTC created an Illinois-specific exhibit that modifies the NDPA for use in Illinois, making it compliant with SOPPA regulations. Learn more about NDPA and the Illinois Student Privacy Alliance.
A legislative brief that introduces requirements under the Student Online Personal Protection Act (SOPPA), which provides additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).
A legislative brief that provides a high-level overview of all Illinois student data privacy laws.