K12 SIX Releases National Cybersecurity Standards for School Districts

First Product in New Series to Include Implementation Guidance and Communications Tools

HERNDON, Va.--()--The K12 Security Information Exchange (K12 SIX) is pleased to release the first in a series of guidance and best practice resources designed to establish baseline cybersecurity standards for U.S. school districts, charter schools, and private school institutions.

“K12 SIX Essential Cybersecurity Protections: 2021-2022 School Year” was developed by K12 IT practitioners, for K12 IT practitioners, and aligned to cybersecurity risk management best practices. The K12 SIX recommendations are designed to defend against the most common cyber threats facing school districts, including those recently identified by the Federal Bureau of Investigation and the Cybersecurity & Infrastructure Security Agency.

The K12 SIX Essential Cybersecurity Protections consists of a dozen recommended protective measures every school district should implement, at minimum. Collectively, the measures provide a holistic foundation spanning network and device security, protection of student, teacher and staff data, and critical maintenance tasks.

“School districts face an enormous challenge right now. They have undergone a digital transformation on shoestring budgets,” said K12 SIX National Director Doug Levin. “In response to the increased cybersecurity risks this has introduced, K12 SIX has developed guidance to help K12 leadership and IT teams determine where they need to spend their limited time, technology, and financial resources.”

School districts that implement the K12 SIX recommended measures will be less likely to experience significant cyber incidents involving the breach of student data, interruptions in teaching and learning, and the theft of funds. Careful consideration has been made to emphasize protective measures that can be reasonably and cost-effectively implemented in most typical K12 settings.

“What if every school district IT leader could be handed a simple, actionable, and vendor neutral checklist to help improve their cybersecurity defenses,” said April Mardock, chief information security officer for Seattle Public Schools, who encourages widespread adoption of the K12 SIX guidance and best practices. “It's here. Help spread the word,” she added.

Learn more and download the new guidance at www.k12six.org. You may also register for a September 2, 2021 webinar focused on these recommendations and their implementation.

About K12 SIX

The K12 Security Information Exchange (K12 SIX) is a new cyber threat information sharing community dedicated solely to the needs of U.S. primary and secondary education organizations. This non-profit member community is a cost-effective forum for crowdsourcing security information among a vetted, trusted group of professionals with a common interest, using common technology and with supporting, independent analysis from the K12 SIX security staff. K12 SIX is a member of the Global Resilience Federation multi-sector network of information sharing communities. Visit www.k12six.org to learn more. Contact info@k12six.org for membership information. Media inquiries may be directed to Patrick McGlone, pmcglone@grf.org.

The K12 SIX secure collaboration platform was co-built with Cyware Labs, which has committed significant resources to support the community.


Patrick McGlone

Release Summary

K12 SIX Essential Cybersecurity Protections consists of a dozen recommended protective measures every school district should implement, at minimum.

Social Media Profiles


Patrick McGlone