Cybersecurity in Alaska K-12 Schools

Cybersecurity is part of school safety

When we think about safety in Alaska schools, we tend to think about physical security - entry control, emergency drills, communication during a crisis. Cybersecurity belongs in the same conversation. The networks that run a school don't just carry email and lesson plans. They run the door locks, the cameras, the mass-notification systems, the cafeteria management software, and records of every student in the building, including counseling notes, IEPs, and medical information.

A cyber incident is rarely just an IT problem. It interrupts learning, disrupts meal programs, exposes sensitive student information, and can compromise the physical systems that keep buildings safe. Protecting a district's network is part of protecting its students.

Whatever your role in an Alaska school district, administrator, IT staff, educator, board member, or community partner, the resources below will help you learn more, locate funding, and build a stronger cybersecurity posture for your district.

Learn more about cybersecurity in schools

The following organizations publish current, K-12–focused cybersecurity guidance. Start here if you're new to the topic, or use them as ongoing reference points.

CISA K-12 Cybersecurity — The federal hub for K-12 cybersecurity guidance, including the Partnering to Safeguard K-12 Organizations toolkit and Cross-Sector Cybersecurity Performance Goals.

K12 Security Information eXchange (K12 SIX) — A nonprofit threat-intelligence sharing community for K-12 organizations. Publishes the Essential Cybersecurity Protections self-assessment rubric and maintains the K-12 Cyber Incident Map.

CoSN K-12 Cybersecurity Resource Hub — The Consortium for School Networking's K-12 adaptation of the NIST Cybersecurity Framework, with templates, policy examples, and self-assessment tools designed for school districts.

SchoolSafety.gov Cybersecurity Resources — Federal interagency hub connecting cybersecurity to broader school safety planning.

Student Privacy Compass (formerly FERPA|Sherpa) — The consolidated education privacy resource center maintained by the Future of Privacy Forum. Covers FERPA, COPPA, state privacy laws, and ed-tech vendor evaluation.

Privacy Technical Assistance Center (PTAC) — The U.S. Department of Education's technical assistance center for student privacy compliance, with checklists, training, and direct help.

Alaska AI Framework — Alaska Department of Education and Early Development hosts a K-12 AI Framework includes Security as one of its seven guiding principles, with guidance on PII protection, vendor vetting, and CIPA/FERPA compliance.

Funding opportunities

The funding landscape for K-12 cybersecurity is shifting. The resources below reflect what's currently active or anticipated. This page will be updated as new opportunities open.

Alaska State and Local Cybersecurity Grant Program (SLCGP) — Administered by the Alaska Department of Homeland Security and Emergency Management. School districts are eligible local sub-recipients. A federal NOFO for FY2026 has not yet been issued; check the SLCGP page for the next opportunity.

Alaska Municipal League — Cybersecurity Services — AML has pre-negotiated cybersecurity services and rates that are eligible under SLCGP grant funding, available to Alaska local government entities including school districts.

FCC Cybersecurity Pilot Program — A three-year, $200 million pilot administered through USAC. The application window is closed and selected participants, including four Alaska districts: Yupiit, Dillingham City, Bering Strait, and Alaska Gateway are now in execution. The pilot's data will inform whether cybersecurity becomes a permanent E-Rate funding category. Worth monitoring even if your district did not apply.

Tribal Cybersecurity Grant Program (TCGP) — Federal funding for eligible tribal entities, including those that operate or partner with K-12 schools.

Federal E-Rate Program — Existing federal infrastructure funding for schools and libraries. Some cybersecurity-adjacent services (like advanced firewalls in some configurations) may be eligible under Category 2.

For administrators

District and school administrators set the conditions that determine whether a cybersecurity program succeeds. The resources below focus on governance, policy, vendor accountability, incident readiness, and the leadership conversations these require.

Foundational reading

CISA Cybersecurity for School Administrators — A CISA-developed reference page for school administrators, hosted by AASA.

AASA School Safety and Crisis Planning Toolkit — Continuously updated administrator-facing toolkit covering cybersecurity, mental health, and physical safety in an integrated framework.

AASA School Safety & Cybersecurity Hub — Ongoing publications, webinar recordings, and policy updates from the national superintendents' association.

Policy and governance

CoSN K-12 NIST Cybersecurity Framework Alignment — The most accessible roadmap for districts building a cybersecurity program from the ground up. Six functions (Govern, Identify, Protect, Detect, Respond, Recover) with K-12–specific templates.

Alaska board policy examples to draw from:

• Mat-Su Borough School District — Responsible Use Policies

• Fairbanks North Star Borough School District — Board Policy 6163 and Administrative Regulation

• Anchorage School District — Dimond HS Student Handbook language

• Wrangell Public Schools — Academic Honesty Policy

Vendor and procurement

Student Privacy Compass — Vendor Resources — Practical guidance on evaluating ed-tech vendors against FERPA and state privacy law requirements.

CoSN K-12 Community Vendor Assessment Tool — A district-friendly questionnaire for evaluating SaaS vendor cybersecurity posture before procurement.

Incident readiness

REMS TA Center — Cybersecurity Tabletop Exercise (PDF) — A ready-to-run tabletop exercise for school crisis teams, walking through a hypothetical data breach.

CISA Tabletop Exercise Packages (CTEPs) — Over 100 customizable scenarios covering ransomware, phishing, insider threats, and more.

Stop Ransomware Guide (CISA/FBI joint publication) — Decision framework for districts facing or preparing for a ransomware incident.

Reporting incidents

Internet Crime Complaint Center (IC3.gov) — Primary federal front door for reporting cyber incidents.

FBI Anchorage Field Office — Covers the entire state of Alaska for cyber incident response and investigation.

For IT staff

District technology directors and IT staff carry the day-to-day work of protecting school networks. The resources below focus on technical controls, frameworks, and operational tools.

Operational frameworks

K12 SIX Essential Cybersecurity Protections — A district self-assessment rubric for foundational cybersecurity controls. Useful as both a maturity model and a board reporting tool.

CISA Cross-Sector Cybersecurity Performance Goals — Voluntary, prioritized baseline cybersecurity practices applicable to K-12.

CISA Known Exploited Vulnerabilities (KEV) Catalog — The authoritative list of vulnerabilities actively being exploited. Patch these first.

No-cost services

CISA Cyber Hygiene Services — Free vulnerability scanning and assessment services for state, local, tribal, and territorial entities, including school districts.

CISA Phishing Assessment — No-cost phishing simulation and assessment.

Incident response

NCDPI PSU Incident Response Toolkit — A full set of incident response templates from the North Carolina Department of Public Instruction's K-12 Cybersecurity Program. Includes guidelines, policy, plan, procedures, playbooks, and tabletop exercises in a single customizable document.

MiSecure K-12 Tabletop Exercise Library — Customizable tabletop exercises from Michigan's K-12 cybersecurity program. Creative Commons licensed.

CISA Stop Ransomware Hub — Centralized federal guidance on ransomware prevention, mitigation, and response.

Reference frameworks

NIST Cybersecurity Framework 2.0 — The base framework from which the CoSN K-12 alignment is derived. Worth knowing the source.

CIS Critical Security Controls v8 — The Center for Internet Security's prioritized list of cybersecurity actions, widely used as an operational benchmark.

Building CTE pathways in cybersecurity

The national cybersecurity workforce gap exceeds 500,000 unfilled positions. Alaska students are well-positioned to enter this field, and several pathways already exist to support districts building or expanding cybersecurity programs.

Alaska postsecondary partners

UAF Cybersecurity Foundations Occupational Endorsement — UAF Community & Technical College's entry-level credential, preparing students for CompTIA Network+ and Security+ certifications.

UAF Associate of Applied Science — Network and Cybersecurity — Two-year applied degree.

UAF Bachelor of Security and Emergency Management — Cybersecurity & IT Management — Four-year degree concentration.

UAF Cybersecurity Management Graduate Certificate — Graduate-level credential.

UAA College of Engineering — Computer Science and Computer Systems Engineering — Bachelor's degrees in Computer Science (BA/BS) and Computer Systems Engineering (BS).

K-12 curriculum and standards

CYBER.ORG K-12 Cybersecurity Learning Standards — The first national K-12 cybersecurity learning standards, developed in collaboration with educators, government, and industry. Free.

CYBER.ORG Curriculum and Range — Free K-12 cybersecurity curriculum and a cloud-based virtual lab environment that requires no local hardware.

Palo Alto Networks Cybersecurity Academy — Free curriculum and instructor resources for secondary and postsecondary cybersecurity programs.

Cisco Networking Academy — Junior Cybersecurity Analyst Pathway — Free cybersecurity curriculum, instructor support, and student certifications.

Carnegie Mellon University CyLab Security Academy — Free K-12 cybersecurity curriculum from Carnegie Mellon's CyLab.

IBM SkillsBuild — Cybersecurity — Free cybersecurity learning content for students and educators.

Industry certifications students can earn

CompTIA — A+, Network+, Security+ — entry-level industry-recognized certifications often earned during high school.

Cisco Certifications — Certified Support Technician, Certified Network Associate.

Google Cybersecurity Certificate — Online entry-level certificate accessible to high school students.

ISC2 Certified in Cybersecurity (CC) — Free entry-level cybersecurity certification.

Microsoft Security, Compliance, and Identity Fundamentals — Microsoft's foundational security certification.

Competitions and clubs

CyberPatriot — National Youth Cyber Defense Competition for middle and high school students. Coached locally by teachers, JROTC instructors, or volunteers. Low overhead, high engagement.

SkillsUSA — Cybersecurity, IT Services, Internetworking — CTSO competitions in cybersecurity and related IT fields.

Business Professionals of America — Server/Network Admin, Computer Security, Network Design — CTSO competitions covering technical cybersecurity skills.

KC7 Cyber Investigation Game — Free, browser-based cybersecurity investigation game.

Hacking Google Documentaries — Free documentary series on real-world cybersecurity work at Google.

Alaska articulation and credit

Alaska CS CTE Pathways — Statewide pathway information, including Advanced Placement, Project Lead the Way articulation, and dual credit options.