Rosen is a Co-Sponsor of the K–12 Cybersecurity Act of 2021, New Law Follows Ransomware Attack Against Clark County School District
WASHINGTON, D.C. – Today, U.S. Senator Jacky Rosen (D-NV), a member of the Senate Homeland Security and Governmental Affairs Committee (HSGAC), attended a signing ceremony at the White House of the K-12 Cybersecurity Act of 2021, bipartisan legislation she co-sponsored and voted for which will direct the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to complete a study of cybersecurity risks to schools and develop voluntary recommendations and an online toolkit to help schools improve their cybersecurity. In August 2020, Nevada’s Clark County School District (CCSD), the fifth-largest school district in the United States, was the target of a ransomware attack.
“Schools in Nevada and across the country are increasingly becoming targets for ransomware and other cyberattacks, risking the personal information of students, faculty, and staff,” said Senator Rosen. “I’m proud to see this bipartisan legislation that I co-sponsored signed into law, and I know that the K-12 Cybersecurity Act will help school systems like the Clark County School District prevent debilitating ransomware attacks and have the tools and resources to combat cyber threats.”
BACKGROUND: The K-12 Cybersecurity Act directs CISA to work with teachers, school administrators, other federal departments, and private sector organizations to complete a study of cybersecurity risks specific to K-12 educational institutions, including risks related to securing sensitive student and employee records and challenges related to remote-learning. Following the completion of that study, the bill directs CISA to develop cybersecurity recommendations and an online toolkit to help schools improve their cybersecurity hygiene. These voluntary tools would be made available on the DHS website along with other DHS school safety information.
Earlier this year, Rosen introduced the Improving Cybersecurity of Small Organizations Act, bipartisan, bicameral legislation to require CISA to establish cybersecurity guidance to help small businesses, nonprofits, and small government jurisdictions – including school districts – implement protections against cybersecurity threats and risks.