K12 SIX Releases Essential Cyber Incident Response Model for Schools
K12 Security Information Exchange today released a free Cyber Incident Response Handbook for US Public Schools, a fill-in-the-blank style guide created specifically to help K-12 school leaders develop an effective response plan and complete for any type of cyber incident.
K12 SIX, a cyber threat information-sharing community and the nation’s only nonprofit dedicated solely to the cybersecurity needs of elementary and secondary schools in the United States, developed the Runbook with input from industry professionals. K-12 Computing, the organization said in a news release. .
The Cyber Incident Response Handbook aligns with the NIST Incident Response Lifecycle and is tailored to the needs and context of K-12 schools; it includes guidance for coordination with internal and external partners, communications with stakeholders and handling student-initiated incidents, K12 SIX said.
The Runbook is the second in K12 SIX’s series of free cybersecurity guides for schools; guides can be downloaded at K12SIX.org/essentials-series. The fillable guide is designed to be printed, annotated, and distributed to a school’s IT staff, providing a reminder that IT resources are likely to be inaccessible during a cyber incident.
The Runbook guides district managers and IT staff through creating a step-by-step response plan for a suspected cyberattack or cyberincident, starting with a list of names and contact information for legal, IT, security , operations, finances and human resources of a school district. , insurance and communication both internally and externally. Also included on the “cyber incident contact list” are officials of other departments, such as payroll and transportation, as a cyber incident is likely to disrupt access to network and communication systems. of a district, at least initially, as the Runbook notes.
The guide then walks district leaders, in great detail, through the four steps to developing an effective cybersecurity incident response plan: preparation; detection and analysis; containment, eradication and recovery; and Post-Incident Activity.
“Trends point to a growing cybersecurity crisis in the U.S. K-12 sector. Schools of all types and sizes, coast to coast, have experienced significant cyber incidents,” said Doug Levin, National Director of K12 SIX. “Too many K-12 organizations have not prepared enough for cyber incidents. The K12 SIX Essential Cyber Incident Response Runbook serves as a high-level checklist for school personnel to organize their actions in the event of a cyberattack; it is a complement to other K12 SIX tips and resources designed to help schools defend against attacks.
The development of the K12 SIX Essential Cyber Incident Response Runbook was supported by Microsoft.
Learn more and download the guide from the Essentials page on K12six.org.