The Cybersecurity and Infrastructure Security Agency (CISA) has released its third edition of the CISA K-12 School Security Guide and School Security Assessment Tool (SSAT).
In a press release, CISA said the guide and accompanying web-based tool provide schools with a comprehensive doctrine and methodology to assess vulnerabilities, plan for emergencies, and implement layered elements of security.
“Our kids deserve to learn in a safe and secure environment, and CISA is committed to providing schools with tools and information to improve their security,” said CISA Executive Assistant Director for Infrastructure Security Dr. David Mussington.
“The updated CISA K-12 School Security Guide and School Security Assessment Tool provide schools with critical new information, practical tools, and concrete steps they can implement immediately – and with minimal financial investment – to improve their physical security and better protect students, teachers and staff,” he said. “This is part of our ongoing effort to make school safety and security information readily available for communities across the country.”
The guide takes a three-pronged approach to school security: prevention, protection and mitigation, and recovery and response. Under each prong, CISA provides schools with suggestions for technologies to deploy across the school campus, necessary trainings for staff and students, policies and procedures to implement.
The guide is intended to be used in conjunction with the SSAT, which is a web-based assessment that walks users through a tailorable vulnerability analysis and provides results and recommendations that can be integrated into their safety and security plans. When put together, both products outline action-oriented security practices and options for K-12 schools to consider. CISA said that both products are also applicable to schools in different geographic areas and at various levels of maturity in their security planning process.
When education leaders use the online interactive portal they will be asked to think about the various components that make up their school’s physical security system: equipment and technology; site and building design features; school security personnel; policies and procedures related to school security; and training, exercises, and drills. CISA said the portal will ask stakeholders a series of questions about these features. Stakeholders are asked to answer the questions as accurately as possible, so that the tool can provide them with a tailored set of results that reflect their school’s unique security needs.
On the portal’s website, CISA noted that it uses third-party websites and services to make information and resources like the SSAT available to education leaders. Addressing data privacy concerns, CISA further noted that will not collect, process, or store any information from stakeholders to use the SSAT. Additionally, third-party websites and services will not store or retain any information from users as part of the SSAT. CISA specifically said that all the information entered into SSAT stays on users’ local computers. Third party software, modules, or add-ins used to provide the SSAT to users may or may not use persistent cookies or similar technology; however, no data collected in this manner is accessible, viewable, or retained by the Federal government.
