Obama's IT cuts for K-12 could jeopardize schools' cybersecurity

President Obama's proposed cuts in federal technology grants for K-12 education could make it more difficult for schools to protect their networks from cyberattacks and students from online predators, said school officials in charge of information technology and security.

Schools are already under cyberattack, officials point out. In the past 12 months, 55 percent of school districts reported a security breach, according to a survey of 400 K-12 IT officials conducted by IT solution provider CDW Government. Sixty-seven percent of those surveyed said a lack of funds were the primary reason they could not improve cybersecurity, and 56 percent said not enough staff resources hindered creating better security programs.

Federal funds have helped school districts pay for beefing up cybersecurity. Brad Sandt, director of technology at Park Hill School District in Kansas City, Mo., said school districts can apply for federal funds through grant programs, and his district spent some grant money on security upgrades. "However, there is definitely a need for the government to earmark additional dollars," he said. "While some districts are [able] to secure initial funding for increasing security, the technological nature of many of the products gives them a shorter installation and life cycle. Districts need to budget to ensure that security systems do not become antiquated over time."

But in his fiscal 2010 budget released on May 7, Obama proposed cutting spending on programs for school technology, said Ray Bjorklund, senior vice president and chief knowledge officer for FedSources, a consulting firm in McLean, Va. The Enhancing Education through Technology (Ed-Tech) grant program, which is explicitly designated to fund educational technology, would be slashed nearly 90 percent from $926 million in fiscal 2009 to $100 million in fiscal 2010.

The fiscal 2009 budget includes stimulus funds Congress passed this year, so it is atypical. But the proposed fiscal 2010 Ed-Tech program budget is 63 percent less than the fiscal 2008 program budget of $268 million.

In addition, some school districts allocate the program's grants to IT programs other than security. Missouri school districts, for example, allocate all Ed-Tech funds for classroom instruction that relies on technology. None of the funding is spent on school safety and security.

"There are many other grant programs that can, in some part, contribute to cybersecurity, but I think the administration is leaving it up to the state and local jurisdictions," Bjorklund said.

"Now, take it to a higher level and recognize that schools are part of the public infrastructure," he said. "To meet requirements for securing the critical infrastructure, state and local entities should consider what's needed to make the investments."

Bjorklund added that apart from protecting students from Internet predators and bullies, and ensuring the integrity of academic testing and grading, the threat to schools is not as high on the risk list as other aspects of the critical infrastructure, such as utilities, the financial industry and transportation systems. Most students in K-12 don't have credit scores or even credit cards, so the risk of fraud is lower.

"Now we need to look at how schools can work around the barriers," said Bob Kirby, vice president for K-12 education at CDW Government. According to the survey, 36 percent of school districts will engage their administrations to improve IT processes and procedures, and another 33 percent will make the business case board for improving IT security to the school.

"Technology has been a historically under-invested area," Kirby said. "The key is for schools to find ways to leverage technology to meet security goals and save money."