The U.S. Federal Communications Commission approved a $200 million program to improve cybersecurity in schools and libraries.
The pilot program will earmark money from the larger Universal Service Fund to schools and libraries looking to upgrade their data and network security equipment. In exchange, the FCC will collect data on the equipment in order to help craft a larger program for cybersecurity rollouts.
The FCC said that the cybersecurity funds will not impact e-rate, a similar program that provides funds for schools and libraries looking to install or update their internet services and network hardware.
The measure passed by a 3-2 vote, which is not uncommon as the commission often tends to split along party lines.
Those commissioners who supported the measure pointed to the ongoing wave of ransomware attacks against school districts in pushing the need for more funding for cybersecurity tech in schools and libraries.
Among the more high-profile school district ransomware incidents to take place in recent years were attacks on the districts in Scranton, Pennsylvania, Prince George's County, Maryland, and Los Angeles.
Chairwoman Jessica Rosenworcel, who led the charge for the pilot program as part of a larger technology funding package, pointed to those and other ransomware incidents in pointing out that not only do many schools lack adequate cybersecurity protections, but are also unprepared to deal with the consequences of an attack and subsequent data breach.
“The recovery time for the school district can take as long as nine months,” Rosenworcel said.
“On top of that, the expense of addressing these attacks may mean millions for districts that never had this kind of a thing as a line item on their annual budget.”
Also supporting the program was commissioner Geoffry Starks, who also noted that breaches are particularly dangerous for schools due to the potential loss of student data.
“Our schools possess massive amounts of data about students, including their Social Security numbers, health records, disciplinary records, and other personally identifiable information,” said Starks.
“Accordingly, schools are target rich environments for cyberattacks, such as ransomware, and are low hanging fruit because they are often resource constrained and lack cyber expertise.”