A group of six House Democrats wrote to congressional leaders Monday asking that their legislation funding cybersecurity programs for K-12 schools be included in the $3.5 trillion budget reconciliation act that Democrats and President Joe Biden are struggling to pass.
In the letter, the members, led by Rep. Doris Matsui of California, argue that the rising rate of ransomware attacks against public schools nationwide should be addressed by the far-ranging budget bill.
“Although it is difficult to gather accurate, up-to-date information on cybercrime, one thing is clear: cybercriminals are getting better at targeting K-12 schools,” the letter reads. “In the face of this well-documented threat, Congress must act by putting real resources on the table.”
Matsui is the lead sponsor of the Enhancing K-12 Cybersecurity Act, which would direct the Cybersecurity and Infrastructure Security Agency to create an incident-reporting system for the education sector and spend up to $10 million annually on cybersecurity improvements at grade schools. Rep. Jim Langevin of Rhode Island, a former co-chair of the Cyberspace Solarium Commission and an architect of much of Congress’ recent cyber-related legislation, also signed the letter, as did Reps. Deborah K. Ross of North Carolina, Dutch Ruppersberger of Maryland, and Anna Eshoo and Tony Cardenas of California.
The letter cites statistics from the K-12 Cybersecurity Resource Center that found that between 2016 and 2020, there were more than 1,100 publicly acknowledged cyberattacks, including nearly 400 last year, involving K-12 schools or their IT vendors.
A portion of the budget package crafted by the House Homeland Security Committee already includes $865 million in additional funds for CISA, about half of which would be put toward carrying out Biden’s May 12 executive order strengthening cyber incident reporting requirements for federal contractors and critical infrastructure operators.
While the reconciliation package remains jammed up in negotiations between progressive and conservative Democrats — with few signs of a speedy resolution — it’s common for individual cybersecurity bills to get grouped into major spending packages. The $1.2 trillion bipartisan infrastructure spending plan the Senate passed in July includes $1 billion to fund a state and local cybersecurity grant program long sought by state IT officials, though that package, too, awaits approval from the House.