K-12 Cybersecurity Initiative
What is the K-12 Cybersecurity Initiative?
To counter the rising surge of ransomware and malicious activity affecting local educational agencies (LEAs) around the state, the Texas Education Agency (TEA) submitted an exceptional item request for funding to the Texas Legislature to provide cybersecurity resources to LEAs. We are pleased to announce that our request has been approved, and we will be able to distribute in-kind services with these funds between September 1, 2023 and August 31, 2025.
The purpose of this initiative is to provide immediate solutions to protect LEAs from major cyber incidents, such as ransomware. Priority will be given to rural LEAs, and cybersecurity practitioners will be available at your regional education service center to assist with implementation of cybersecurity controls that fall within scope of this initiative.
The following cybersecurity controls are highly encouraged for all LEAs to implement between September 1, 2023 and August 31, 2025 and fall within the scope of this initiative:
- Implement fully managed Endpoint Detection and Response (EDR) on LEA servers and applicable staff devices. TEA will fully fund licenses with limited distribution. See details below.
- Implement Multi-Factor Authentication (MFA) on staff email systems.
- Implement email protocol security configurations.
- Restrict local admin access.
The following cybersecurity controls are funded on a first come first served basis by TEA through the Department of Information Resources (DIR) Shared Technology Services (STS) program and are recommended to mature LEA cybersecurity posture. These controls fall within scope of this initiative:
- Complete a third-party K-12 Cybersecurity Assessment to get a baseline of your cybersecurity maturity and action plan for improving cybersecurity posture.
- Implement Network Detection and Response (NDR), especially for schools with cameras and other Internet of Things (IoT) devices.
The following cybersecurity controls are recommended to prioritize, but do not currently fall within scope of this initiative:
- Security Awareness Training for staff with access to network resources.
- Ensure backups are encrypted, stored off network, and tested regularly.
- Encryption of sensitive data
- Segment networks
- Third-Party Risk Management
How much money was appropriated for the K-12 Cybersecurity Initiative?
The Texas State Legislature appropriated $55M to support the K-12 Cybersecurity Initiative. From the legislative entry into the budget:
- It is the intent of the Legislature that the Texas Education Agency enters into an interagency agreement with the Department of Information Resources (DIR) to provide cybersecurity services for LEAs in accordance with DIR Strategy C.1.2, Security Services. Cybersecurity services to be provided by DIR may include but are not limited to, cybersecurity assessments, endpoint detection response, and network detection response.
|Funded Service Type||Availability Scope||Next Step Timeline|
|Cybersecurity technical assistance provided by ESCs||Entire state||As stood up by ESCs over the next 6 months|
|Free third-party cybersecurity assessments||First come, first served||Request for service in Fall of 2023|
|Free Endpoint Detection & Response (EDR) subscriptions through the end of 2024-25 SY||Prioritized for small & midsize LEAs||Request for service is now open!|
|Free Network Detection & Response (NDR) hardware & software through the end of 2024-25 SY||Pilot group of LEAs and ESCs||TBD|
INTER-LOCAL AGREEMENT WITH DIR SHARED TECHNOLOGY SYSTEM (STS) REQUIRED
LEAs will need to sign DIR’s inter-local agreement to receive the in-scope services from DIR’s STS, Managed Security Services (MSS) program. Our goal is to have all eligible LEAs onboarded with a signed inter-local agreement by September 1, 2023, so the services can be distributed as soon as possible. After the inter-local agreement is in place, eligible LEAs may then request in scope services through the STS program, which will be paid for by TEA starting September 1, 2023 through August 31, 2025. The MSS vendor, AT&T, or your regional education service center may reach out to your LEA to help facilitate this process. Details about this process were discussed in the April Cybersecurity Coordinator call.
LIMITED DISTRIBUTION OF EDR PER LEA ENROLLMENT
It is TEA’s intention to focus on small and rural LEAs for the distribution of EDR services through DIR’s MSS. The EDR provided, which replaces traditional anti-virus software and incorporates threat intelligence along with malicious behavior characteristics on endpoints, will be fully managed to eliminate additional LEA overhead and is one of the best solutions to prevent ransomware and secure devices. The current vendors under the MSS contract for EDR are CrowdStrike and SentinelOne. To provide a scope that we can reasonably accommodate with the funding provided, TEA will limit the distribution for LEAs with a total enrollment of 15,000 and below, with a range from 30 licenses up to licenses equal to 20% of student enrollment, whichever is larger. It is TEA’s intent to focus on high-risk and impact devices, so initial distribution should focus on servers and central office staff with any remaining licenses distributed to other staff devices that have access to sensitive data.
SECURITY ASSESSMENTS BASED ON SAMPLING OF LEAs BY SIZE
Security assessments will also be available to LEAs as part of this initiative and will also be provided by AT&T through DIR’s services catalog. The intent of these assessments is to provide a high-level look at the overall state of cybersecurity in Texas’ K-12 public entities. TEA will not receive detailed copies of reports for any individual LEA. Scope of and availability of the assessments will be based on a sampling of LEAs by size. Once those assessments are set up in the STS program, we will provide guidance to interested parties on how to request those assessments through the STS program.
*The program scope is subject to change in order to achieve initiative goals. Initiative implementation details are still in development. TEA will provide updates through Cybersecurity Coordinator Forum webinars and this site.
- Ensure your LEA has signed a New Customer Form and submit the form to Texas Department of Information Resources (DIR), in order to start the process for onboarding to the Shared Technology Services Program (STS), Managed Security Services (MSS). There is no cost to sign up for the program. This is the first step to enable your LEA to receive the services through the programs that are funded by the TEA.
- Log in to the STS portal to request your free procurement of EDR through DIR's contracted MSS provider, AT&T. Current offerings include either Crowdstrike or SentinelOne.
- Register for TEA Cybersecurity Coordinator Forum webinars to remain up-to-date on the latest offerings of the K-12 Cybersecurity Initiative.
- Technical Assistance provided by regional education service centers (ESCs) is planned but will not be available until grant funding is established. LEAs that will require technical assistance from the ESCs for in-scope projects of the K-12 Cybersecurity Initiative, including EDR implementation, will need to wait until further communication from ESCs and TEA on technical assistance availability.
- Cybersecurity Assessments – TEA and DIR are finalizing criteria and will communicate in the fall of 2023 with details for requesting this service.
- Network Detection Response – More details to come.
Webinars & Slide Decks
You may register for the Cybersecurity Coordinator Forum series using your LEA email address.
- April 2023 Cybersecurity Coordinator Forum Webinar
- May 2023 Cybersecurity Coordinator Forum Webinar
- June 2023 Cybersecurity Coordinator Forum Webinar
- August 2023 Cybersecurity Coordinator Forum Webinar
- September 2023 Cybersecurity Coordinator Forum Webinar
- K-12 Cybersecurity TAA - June
- K-12 Cybersecurity TAA - September
- STS New Customer Form (DIR inter-local agreement)