K12 SIX: Pat McGlone, [email protected]
SETDA: Derek Baird, [email protected], 202-715-6636

Cybersecurity Frameworks: What K-12 Leaders Need to Know

K12 SIX and SETDA Collaborate to Promote Cybersecurity Best Practices for School Districts

Fairfax, VA (October 20, 2022) – The K12 Security Information eXchange (K12 SIX) released “Cybersecurity Frameworks: What K-12 Leaders Need to Know,” a new resource for state and local education leaders encouraging the adoption of nationally recognized cybersecurity best practices. This white paper, commissioned by the State Educational Technology Directors Association (SETDA) as part of the work of its Cybersecurity & Privacy Collaborative, was funded by the Bill & Melinda Gates Foundation.

While there is no shortage of advice and guidance on how organizations of all types can better defend against cyber-attacks, little of that advice reflects the context in which schools work or addresses the unique challenges and constraints facing the K-12 education sector. This K12 SIX white paper is designed to help education leaders to understand the purpose and structure of common cybersecurity best practice frameworks, understand the similarities and differences among these frameworks, and encourage the growth in cybersecurity framework adoption by school systems nationwide.

“The growth in both the frequency and severity of school cyber incidents begs the question of what school leaders need to know and do to defend their school systems better. Cybersecurity frameworks, which are compilations of cost-effective best practice advice, offer a commonsense way for K-12 leaders to prioritize scarce time and resources in guarding against the growing array of cyber threats facing schools,” said Doug Levin, National Director of K12 SIX.

“This thoughtful analysis of best practice frameworks is another example of the practical, school-focused guidance K12 SIX delivers for our states and districts. SETDA appreciates Doug Levin’s expertise in helping schools develop better practices for cybersecurity risk management,” said Jason Bailey, Director of Innovation and Design at SETDA.

Adopting a cybersecurity framework is essential in the journey toward more effectively mitigating and managing the cybersecurity risks facing school systems. The K12 SIX analysis encourages education leaders to:

  • Commit to improving K-12 cybersecurity defenses by adopting a cybersecurity framework as a management and communication tool;
  • Consider the capacity of their school system before choosing which framework to adopt; and
  • Understand that cybersecurity framework implementation requires flexibility.

Ultimately, the goal of adopting a cybersecurity best practice framework is to minimize the impact of cyber incidents on school operations and to ensure the safety and welfare of students, educators, and other members of school communities.

Download “Cybersecurity Frameworks: What K-12 Leaders Need to Know.”

For additional cybersecurity resources, visit or


About K12 SIX

The K12 Security Information Exchange (K12 SIX) is a national non-profit organization dedicated to protecting the U.S. K-12 community from emerging cybersecurity threats. A member of the Global Resilience Federation multi-sector network of information sharing communities, K12 SIX serves the education sector by facilitating the sharing of actionable threat intelligence and collaborating on best practices—and through the provision of professional development, virtual CISO services, and leadership opportunities.


The State Educational Technology Directors Association (SETDA) is the principal association representing U.S. state and territorial educational technology and digital learning leaders. Through a broad array of programs and advocacy, SETDA builds member capacity and engages partners to empower the education community in leveraging technology for learning, teaching, and school operations.

© 2024 SETDA, All Rights Reserved