The Department of Education wants to improve student privacy and cybersecurity at institutions of higher education, and listed engaging those institutions as a goal over the next year in its July 2020 President’s Management Agenda (PMA) update.
By September 30, 2021, the Department is aiming to participate in 12 events, conferences, industry meetings or agency-initiated trainings with institutions of higher education. Out of these engagements, the Department is looking to create five best practices for improvements at these institutions in the areas of privacy and cybersecurity.
Jason Gray, the agency’s CIO, is in charge with implementing this goal over the course of the next fiscal year. The department is planning to have five engagements with institutions of higher education this fiscal year, which ends September 30, and release two of its best practices. The remaining seven engagements would come in fiscal year 2021 as would the final three best practices.
“Cybersecurity is one of the core focus areas that – since I’ve been at the department – has always been there,” said Gray, last month during an online event.
Education’s PMA goal says that the leadership of institutions of higher education “may not be fully aware of their responsibilities for self-reporting cyber-incidents.” This lack of awareness can lead to a failure to inform the Department and respond, the goal states.