The Federal Communications Commission received more than 2,700 applications for its pilot program to help schools and libraries fund cybersecurity projects, representing a total of $3.7 billion in requests, according to the agency.
But the pilot program, which was approved by the FCC in June, will provide a total of $200 million to eligible schools and libraries to help them purchase advanced firewalls, antivirus protection technology, and other cybersecurity equipment. That will likely leave many applicants without any of the FCC cybersecurity support or with less than what they requested.
The application window was open from Sept. 17 through Nov. 1. In that time, the FCC received applications from schools and libraries in all 50 states, Puerto Rico, and the District of Columbia, including those in rural and urban communities, according to the agency鈥檚 news release.
鈥淭he overwhelming response to our pilot program makes clear that the cybersecurity threats impacting school systems are widespread,鈥 said FCC Chairwoman Jessica Rosenworcel in a statement. 鈥淭he Pilot Program provides an excellent opportunity to both learn from these varied experiences, and also test out solutions in different environments.鈥
Cybersecurity has been the top concern for district technology leaders for more than five years, according to the nonprofit Consortium for School Networking, or CoSN. Cyberattacks can cost districts millions of dollars and days or weeks of missed learning time.
The education sector has one of the highest rates of ransomware attacks
The cybersecurity risk score for the education and nonprofit sectors has jumped from 鈥渕oderate鈥 to 鈥渉igh鈥 between 2022 and 2024, according to , a global credit rating provider. The highest score is the 鈥渧ery high鈥 level.
The education sector鈥攚hich includes K-12 schools and colleges and universities鈥攈as reported one of the highest rates of ransomware attacks during that time period, and the costs of cyber incidents have more than tripled in the past year, according to the Moody鈥檚 report. The education sector is also among the least prepared when it comes to protecting against cyber incidents, the report said.
The Moody鈥檚 report shows that cybersecurity 鈥渋s not something we can just ignore and hope for the best,鈥 said Keith Krueger, the CEO of CoSN. It鈥檚 鈥渁 shot across the bow that every superintendent, school board, and finance officer has to care about cybersecurity.鈥
The high cyber risk could also mean higher cybersecurity insurance rates for school districts, Krueger said.
鈥淲e don鈥檛 need to wait any longer to see that there鈥檚 an urgent demand [for cybersecurity funding],鈥 he said.
The Steuben County school district in Indiana is among the applicants for the FCC鈥檚 pilot program, said Chantell Manahan, the district鈥檚 technology director.
The district鈥檚 last cyber incident was about nine years ago, Manahan said. The attacker encrypted some files, but the district was able to easily restore all the data without having to pay ransom because it had good backups. But she said it could happen again and it could be worse especially with cyberattacks getting more sophisticated.
The Steuben County district has used state and local funding, as well as partnerships with universities, to provide cybersecurity training for staff and buy cybersecurity equipment, Manahan said. The district has also used ESSER funds to pay for other cybersecurity needs.
If the district receives funding from the FCC鈥檚 pilot program, Manahan said she would use it to fund endpoint detection and response technology, which continuously monitors computers and services to detect suspicious activity. She said she did a trial run with a company last school year and was 鈥渞eally impressed鈥 by what it was able to alert the district to.
鈥淚 don鈥檛 think it鈥檚 going to take three years to prove the impact鈥 of the cybersecurity grants, Manahan said. 鈥淭hose districts who are fortunate enough to be part of the pilot are definitely going to be in a better position than those of us who are not.鈥
The uncertain future of the E-rate program could affect cybersecurity support
The cybersecurity grant program follows years of advocacy for additional federal resources for cybersecurity by the CoSN, the Council of the Great City Schools, the State Educational Technology Directors Association, National School Boards Association, and other education groups. Closing the digital divide has been one of Rosenworcel鈥檚 top priorities.
FCC Commissioner Brendan Carr, President-elect Donald Trump鈥檚 pick to lead the agency, had voted against the pilot program because he didn鈥檛 think it was within FCC鈥檚 authority, though he agrees it鈥檚 important for schools to have resources they need to secure their networks.
Krueger from CoSN said he hopes the high demand for this pilot program will lead the FCC to modernize the E-rate program to include cybersecurity. The E-rate program, which was created in the mid-1990s to improve school and library internet connectivity, is also administered by the FCC and is paid for primarily through the Universal Service Fund, which is financed through fees on telecommunications services. CoSN and other education groups have been advocating for modernizing the program so that it could also be used to fund cybersecurity upgrades.
鈥淚t鈥檚 great to have broadband, it鈥檚 great to have Wi-Fi, but if it鈥檚 not safe and secure, the whole thing is not usable,鈥 he said.
The future of the E-rate program is at risk, however. The U.S. Supreme Court has agreed to take up a case about the constitutionality of the funding mechanism for the Universal Service Fund, which distributes some $4 billion annually under the E-rate program for connecting schools and libraries to the internet.