<img class=" wp-image-39097 alignleft" src="https:\/\/theenterprise.net\/wp-content\/uploads\/sites\/23\/2020\/09\/hacking-3112539_1280-300x169.png" alt="" width="375" height="211" \/>U.S. Sen. Mark R. Warner, D-Alexandria, former technology entrepreneur and Vice Chairman of the Senate Intelligence Committee, sounded an alarm about the need to protect education infrastructure from cyber-attacks following a\u00a0<a href="https:\/\/wtop.com\/fairfax-county\/2020\/09\/hackers-attack-fairfax-county-school-system-with-ranswomware\/">ransomware incident<\/a>\u00a0at Fairfax County Public Schools, the largest school system in Virginia.\r\n\r\nIn a letter to Education Secretary Betsy DeVos, Warner urged the U.S. Department of Education to\u00a0develop guidance and disseminate best practices\u00a0for K-12 schools and institutions of higher education and to work with school districts to develop a comprehensive, risk-based funding request from Congress.\r\n\r\n\u201cA ransomware attack on a school system in normal times can be disruptive and costly; in the context of a global public health emergency, with unprecedented reliance on remote learning, it is debilitating,\u201d\u00a0wrote Warner.\u00a0\u201cSophisticated cyber-attacks and more opportunistic forms of malware, like ransomware, are widespread today and require sustained vigilance. Defending against these persistent attacks requires a consistent and holistic approach. The public sector is particularly at risk given constrained state and local budgets.\r\n\r\n\u201cI recommend providing schools with guidance that includes awareness campaigns, risk management, threat mitigation, cybersecurity posture reviews, and resiliency. Awareness campaigns for both educators and students can focus on the importance of recognizing threats, such as phishing attacks, ransomware, malware, and social engineering methods. Regular evaluations can determine the effectiveness of awareness campaigns to address any gaps. Threat mitigation includes developing sufficient safeguards to ensure data security and access control,\u201d\u00a0he wrote.\r\n\r\n\u201cDetection capabilities are also needed to continuously monitor for anomalies and cybersecurity events. Schools should review these capabilities, plus their readiness to respond and recover from attacks. For example, tabletop exercises can validate processes and test procedures used before, during, and after an attack. Cyber resiliency ensures systems have an ability to continue operating in case of attack, while full restoration takes place. Many of these objectives will require new funding from Congress, particularly in the wake of the devastating impact COVID-19 has had on school system budgets,\u201d the letter stated.\r\n\r\nFairfax County Public Schools, which serves nearly 200,000 students and employs more than 24,000 employees, recently was the target of a ransomware attack that involved the theft of protected information.\r\n\r\nIn his letter, Warner pressed DeVos to work to adapt available\u00a0cybersecurity guidance from\u00a0the\u00a0National Institute of Standards and Technology (NIST) and\u00a0the\u00a0Cybersecurity and Infrastructure Security Agency (CISA) to school systems. Stressing the need for robust cybersecurity education, Warner\u00a0also\u00a0pushed DeVos to disseminate best practices to states and localities seeking to teach cybersecurity in the K-12 setting.\r\n\r\nAdditionally, he urged the Department of Education to work with educators, industry, and CISA to encourage a consortium or Information Sharing and Analysis Center (ISAC) for K-12 schools to exchange cybersecurity threat information and best practices for defense that are tailored to account for capabilities and constraints of K-12 schools.\r\n\r\nWarner, a former\u00a0technology executive, is the co-founder and co-chair of the bipartisan Senate Cybersecurity Caucus. Throughout the COVID-19 crisis, he has fought for increased cybersecurity measures as\u00a0Americans\u00a0have\u00a0increasingly relied on internet connectivity\u00a0for remote work, health, and education purposes. Among other measures, Warner has recently\u00a0<a href="https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?ID=35265C1C-F157-4786-BADC-4B5450C82A7E">advocated<\/a>\u00a0for increased funding to modernize federal information technology,\u00a0<a href="https:\/\/www.warner.senate.gov\/public\/index.cfm\/2020\/3\/warner-urges-internet-networking-device-vendors-to-ensure-security-of-consumer-internet-connectivity-products">urged<\/a>\u00a0internet networking device vendors to ensure the security of their products, and\u00a0<a href="https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?ID=6CD0DB2E-9391-484A-A8D0-87B89D0A2105">pressed<\/a>\u00a0cybersecurity officials to take bolster defenses against cybersecurity attacks. He has also introduced\u00a0<a href="https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?ID=0E99584A-15E5-469B-A935-1670F4F73C2C">legislation<\/a>\u00a0to set strong and enforceable privacy and data security rights for health information as tech companies and public health agencies deploy contact tracing apps and digital monitoring tools to fight the spread of COVID-19.