K-12 Cybersecurity Initiative


What is the K-12 Cybersecurity Initiative?

To counter the rising surge of ransomware and malicious activity affecting local educational agencies (LEAs) around the state, the Texas Education Agency (TEA) submitted an exceptional item request for funding to the Texas Legislature to provide cybersecurity resources to LEAs.  We are pleased to announce that our request has been approved, and we will be able to distribute in-kind services with these funds between September 1, 2023 and August 31, 2025.

The purpose of this initiative is to provide immediate solutions to protect LEAs from major cyber incidents, such as ransomware. Priority will be given to rural LEAs, and cybersecurity practitioners will be available at your regional education service center to assist with implementation of cybersecurity controls that fall within scope of this initiative. 

The following cybersecurity controls are highly encouraged for all LEAs to implement between September 1, 2023 and August 31, 2025 and fall within the scope of this initiative:

  • Implement fully managed Endpoint Detection and Response (EDR) on LEA servers and applicable staff devices. TEA will fully fund licenses with limited distribution. See details below.
  • Implement Multi-Factor Authentication (MFA) on staff email systems. 
  • Implement email protocol security configurations. 
  • Restrict local admin access.  

The following cybersecurity controls are funded on a first come first served basis by TEA through the Department of Information Resources (DIR) Shared Technology Services (STS) program and are recommended to mature LEA cybersecurity posture. These controls fall within scope of this initiative: 

  • Complete a third-party K-12 Cybersecurity Assessment to get a baseline of your cybersecurity maturity and action plan for improving cybersecurity posture.
  • Implement Network Detection and Response (NDR), especially for schools with cameras and other Internet of Things (IoT) devices.

The following cybersecurity controls are recommended to prioritize, but do not currently fall within scope of this initiative: 

  • Security Awareness Training for staff with access to network resources.
  • Ensure backups are encrypted, stored off network, and tested regularly.
  • Encryption of sensitive data
  • Segment networks
  • Third-Party Risk Management 

How much money was appropriated for the K-12 Cybersecurity Initiative?

The Texas State Legislature appropriated $55M to support the K-12 Cybersecurity Initiative.  From the legislative entry into the budget: 

  • It is the intent of the Legislature that the Texas Education Agency enters into an interagency agreement with the Department of Information Resources (DIR) to provide cybersecurity services for LEAs in accordance with DIR Strategy C.1.2, Security Services. Cybersecurity services to be provided by DIR may include but are not limited to, cybersecurity assessments, endpoint detection response, and network detection response.
Funded Service Type Availability Scope Next Step Timeline
Cybersecurity technical assistance provided by ESCs Entire state As stood up by ESCs over the next 6 months
Free third-party cybersecurity assessments First come, first served Request for service is now open!
Free Endpoint Detection & Response (EDR) subscriptions through the end of 2024-25 SY Prioritized for small & midsize LEAs  Request for service is now open!
Free Network Detection & Response (NDR) hardware & software through the end of 2024-25 SY  Pilot group of LEAs and ESCs TBD

Program Scope*


LEAs will need to sign DIR’s inter-local agreement to receive the in-scope services from DIR’s STS, Managed Security Services (MSS) program. Our goal is to have all eligible LEAs onboarded with a signed inter-local agreement by September 1, 2023, so the services can be distributed as soon as possible. After the inter-local agreement is in place, eligible LEAs may then request in scope services through the STS program, which will be paid for by TEA starting September 1, 2023 through August 31, 2025. The MSS vendor, AT&T, or your regional education service center may reach out to your LEA to help facilitate this process. Details about this process were discussed in the April Cybersecurity Coordinator call.


It is TEA’s intention to focus on small and rural LEAs for the distribution of EDR services through DIR’s MSS. The EDR provided, which replaces traditional anti-virus software and incorporates threat intelligence along with malicious behavior characteristics on endpoints, will be fully managed to eliminate additional LEA overhead and is one of the best solutions to prevent ransomware and secure devices. The current vendors under the MSS contract for EDR are CrowdStrike and SentinelOne. To provide a scope that we can reasonably accommodate with the funding provided, TEA will limit the distribution for LEAs with a total enrollment of 15,000 and below, with a range from 30 licenses up to licenses equal to 20% of student enrollment, whichever is larger.  It is TEA’s intent to focus on high-risk and impact devices, so initial distribution should focus on servers and central office staff with any remaining licenses distributed to other staff devices that have access to sensitive data.


Security assessments will also be available to LEAs as part of this initiative and will also be provided by AT&T through DIR’s services catalog.  The intent of these assessments is to provide a high-level look at the overall state of cybersecurity in Texas’ K-12 public entities. TEA will not receive detailed copies of reports for any individual LEA.  Scope of and availability of the assessments will be based on a sampling of LEAs by size.  Once those assessments are set up in the STS program, we will provide guidance to interested parties on how to request those assessments through the STS program.

*The program scope is subject to change in order to achieve initiative goals. Initiative implementation details are still in development. TEA will provide updates through Cybersecurity Coordinator Forum webinars and this site.

Next Steps: 

  1. Ensure your LEA has signed a New Customer Form and submit the form to Texas Department of Information Resources (DIR), in order to start the process for onboarding to the Shared Technology Services Program (STS), Managed Security Services (MSS). There is no cost to sign up for the program. This is the first step to enable your LEA to receive the services through the programs that are funded by the TEA.
  2. Log in to the STS portal to request your free procurement of EDR through DIR's contracted MSS provider, AT&T. Current offerings include either Crowdstrike or SentinelOne.
  3. Refer to the TX K12 Cybersecurity Assessment Quick Start Guide for details on how to request a Cybersecurity Assessment for your district.
  4. Register for TEA Cybersecurity Coordinator Forum webinars to remain up-to-date on the latest offerings of the K-12 Cybersecurity Initiative.

Upcoming Services: 

  • Technical Assistance provided by regional education service centers (ESCs) is planned but will not be available until grant funding is established. LEAs that will require technical assistance from the ESCs for in-scope projects of the K-12 Cybersecurity Initiative, including EDR implementation, will need to wait until further communication from ESCs and TEA on technical assistance availability. 
  • Network Detection Response – More details to come.


Webinars & Slide Decks

You may register for the Cybersecurity Coordinator Forum series using your LEA email address. 

Other Resources



Contact Information

For more information contact:

Texas Department of Information Resources CISO Office at DIRSecurity@dir.texas.gov

Texas Education Agency Cybersecurity team Cybersecurity@tea.texas.gov