Cybersecurity

FCC approves cybersecurity funding for schools, libraries

Wake up, firewalls! It’s time for school.
article cover

Tw Farlow/Getty Images

3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

In early June, the Federal Communications Commission (FCC) approved $200 million for a three-year pilot program designed to fund libraries and K–12 schools with cybersecurity equipment like firewalls, endpoint protection, authentication mechanisms, and monitoring.

The Schools and Libraries Cybersecurity Pilot Program, passed by a 3-to-2 vote, addresses a sector increasingly targeted by malicious hackers.

“We know that connectivity is essential for education in the 21st century. Technology and high-speed internet access opens doors, and unbounded opportunity for those who have it. Unfortunately, our increasingly digital world also creates opportunities for malicious actors. And like other aspects of the digital divide, this is an issue of equity,” FCC Commissioner Anna M. Gomez said in a statement during the meeting.

In a study ranging from July 2022–June 2023, the Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) found that 81% of 402 respondents cited insufficient funding as a cybersecurity concern.

Applications for interested school and libraries, according to FCC guidance, allow entrants to describe their institution’s:

  • Current cybersecurity posture and a plan if it receives pilot funding.
  • Cybersecurity incidents within the last year.
  • Proposed use of pilot funds.
  • Plans for tracking progress.

The pilot funding comes from the Universal Service Fund, made up of contributions from telecom providers; it differs from the E-Rate program, which offers telecommunications and information services to eligible schools and libraries to promote digital equity.

“How can we ensure that schools and libraries that lack funding, expertise, or are otherwise under-resourced can meaningfully participate in the Pilot?” FCC officials asked. They'll answer this and other questions as well as seek public comment during the pilot phase.

Eligible recipients include elementary and secondary schools, and libraries with separate, independent budgets.

Excluding end-user devices like laptops and tablets, the FCC proposes to limit pilot eligibility to network-based equipment and services “designed to identify and/or remediate threats that could otherwise directly impair or disrupt a school’s or library’s network, including to threats from users accessing the network remotely,” according to its notice of rulemaking.

In March 2024, the Department of Education launched a Government Coordinating Council (GCC) for the Education Facilities Subsector, which coordinates with CISA on cybersecurity-enhancement efforts “across K–12 educational institutions.”

Verizon’s Data Breach Investigations Report, released this May and studying events from November 2022 through October 2023, counted 1,780 security incidents in the education sector out of a total of 30,458 across all sectors—and data disclosure was confirmed in 1,537 cases. The previous year’s report found 496 incidents out of a total of 16,312 across all sectors—and data disclosure was confirmed in 238 instances.

“Leaders across the K–12 community are coming to recognize that no school, district, or organization is immune from cyber intrusions,” CISA noted in a January 2023 report.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.