FCC to Give $200 Million to K-12 Schools With New Cybersecurity Pilot Program

As K-12 schools continue to be one of the most highly targeted industries for ransomware attacks, costing billions of dollars, a new $200 million initiative intends to help districts better protect themselves against cyber threats.

The Federal Communications Commission’s  (FCC) Schools and Libraries Cybersecurity Pilot Program will award funds to K-12 schools and libraries to help strengthen cybersecurity.

The Pilot Program will distribute funds over a three-year period to cover the cost of cybersecurity services and equipment in schools and libraries nationwide.

“The cybersecurity threats facing our educational institutions are significant,” John Harrington, CEO of Funds For Learning, told K-12 Dive. “This pilot program represents a crucial step in providing the resources necessary to safeguard sensitive information and maintain secure, reliable access to digital learning tools.”

As cyber threats targeting educational institutions in the U.S. continue to increase, this initiative provides essential funding to help schools protect their digital environments.

This article provides an overview of the FCC Pilot Program and guides you through the application process in four simple steps.

FCC Pilot Program: Overview 

The Schools and Libraries Cybersecurity Pilot Program will provide:

• Funding for Cybersecurity Tech and Services: Schools can apply for financial assistance to acquire — or be reimbursed for — cybersecurity software, services, and infrastructure. This includes firewalls, encryption, and other security measures.
• Prioritizing Underserved Areas: The program focuses on schools in underserved and rural communities, ensuring districts with limited resources have greater opportunity to enhance their cybersecurity defenses.
• Comprehensive Approach: The FCC encourages schools to integrate new cybersecurity tools with existing IT practices and involve all stakeholders in creating a secure digital environment.
• Emphasis on Digital Protection: The program prioritizes tools to combat modern digital challenges. Ineligible tools and services include security cameras, asset tracking tags, training, consulting services, and risk assessment surveys

How to Apply for the FCC Pilot Program

Use following steps to guide you in preparing a strong application for the Pilot Program. 

Step 1: Determine Your Eligibility 

Schools, libraries, and consortia (i.e., regional or statewide groups of schools or libraries that apply together) that meet E-Rate program eligibility can apply for the Pilot Program. 

To support diversity and equitable funding, schools with greater demonstrable need for cybersecurity support will be prioritized, with an emphasis on low-income and Tribal applicants.

Funding amounts will be determined using a formula that estimates a cost of $13.60 per student. The minimum award amount is $15,000, with a maximum of $1.5 million. 

Note: You are not required to be a current or past E-Rate program participant to be eligible to apply. However, you’ll need to create a user profile with the E-Rate Productivity Center (see “Next Steps”).  

Step 2: Review the Pilot Program Application Process

The Pilot Program application window is expected to open in the fall of 2024. Applicants should start preparing early, as IT leaders will need to assess their current systems, identify gaps, and prioritize areas for improvement to apply.

Applying for the Pilot Program involves a two-step process. All applicants will need to submit Part 1 of the application; select candidates will be invited to submit Part 2.

In Part 1, applicants will submit a: 

• Summary of your existing cybersecurity measures
• Synopsis of your digital protection and network security knowledge
• General overview of current free or low-cost cybersecurity resources
• Description of your cybersecurity goals and objectives 
• Itemized list of desired services and equipment and their associated costs
• Breakdown of cybersecurity risks & how your proposed solutions will prevent or address them

If selected, Part 2 of the application requires applicants to expand upon information provided in Part 1.

In Part 2, applicants will be asked to provide detailed information about:

• Current digital security practices
• Existing prevention and mitigation tactics
• Current cybersecurity training policies and procedures
• History of cyber threats and attacks (within a year of the date of the application)
• Cybersecurity challenges

To guide your preparation efforts, review the draft version of the “Schools and Libraries Cybersecurity Pilot Program Application” (FCC Form 484).

The FCC also recommends schools leverage the following resources to evaluate any current vulnerabilities:

• The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency 
• The Department of Education’s Cybersecurity Preparedness Guide for K-12 Schools
  

Step 3: Evaluate Eligible Services & Technology Funding Options

Most services, equipment, and technology aimed at improving or enhancing the cybersecurity of K-12 schools are eligible for the Schools and Libraries Cybersecurity Pilot Program. Qualified tools are categorized into four main technological areas:

• Advanced/Next-Generation Firewalls
• Endpoint Protection
• Identity Protection and Authentication
• Monitoring, Detection, and Response

Advanced/Next-Generation Firewalls

“Advanced/Next-Generation Firewalls” cover sophisticated firewall technologies with enhanced features and capabilities (i.e., systems that filter traffic beyond predefined rules and IP addresses). This includes:

• Deep Packet Inspection (DPI) 
• Application Awareness & Control
• Internet of Things (IoT) Security
• Virtual Private Network (VPN)
• Network Segmentation
• Firewall as a Service (FWaaS)

Endpoint Protection

“Endpoint Protection” covers equipment and services that protect end-user devices — including desktops, laptops, and mobile devices — against digital threats. This includes: 

• Anti-Malware
• Anti-Ransomware
• Anti-Spam
• Anti-Virus
• Endpoint Detection & Response (EDR)
• Extended Detection & Response (XDR)

Identity Protection and Authentication

“Identity Protection and Authentication” covers equipment that helps prevent theft or misuse of personal information. This includes: 

• Content Blocking and Filtering/URL Filtering
• Digital Identity Tools
• DNS/DNS-Layer Security, Blocking, and Filtering
• Intrusion Detection Systems (IDS)
• Logging Practices / Event Logging
• Network Access Control
• Single Sign-On (SSO)

Monitoring, Detection, and Response

“Monitoring, Detection, and Response” equipment covers services and solutions that monitor and/or detect threats to a network, and enable users to take corrective action to mitigate those threats.

• Internal/External Vulnerability Scanning
• Network/Device Monitoring & Response
• Managed Detection & Response (MDR)
• Security Operations Center (SOC) for Around the Clock (24/7/365) Monitoring, Detection, and Response
• Threat Hunting/Updates and Threat Intelligence
• Vulnerability Management

View the full list of eligible services covered by the FCC Program here.

Step 4: Complete Your Pilot Program Pre-Application Checklist

For K-12 IT directors in particular, the Pilot Program offers a crucial opportunity to strengthen your school's cybersecurity infrastructure. 

The FCC recommends interested applicants take the following steps to prepare for the cybersecurity Pilot Program application: 

1. Review the Pilot Program Order and check out the FCC’s and USAC’s Cyber Pilot websites

2. Sign up for updates from the FCC’s Universal Services Administrative Company

3. Obtain an FCC registration number (FRN) or locate your existing registration number

4. Obtain a Billed Entity Number (BEN) and create a user profile in the E-Rate Productivity Center (EPC)

5. Verify you are not currently in red light status at the FCC, or on the U.S. Treasury’s do not pay list

6. Register with the System for Award Management at SAM.gov (registration can take 10-20 business days)

7. Evaluate your current and future cybersecurity needs

Additional Application Support

Schools and libraries struggling with the resources necessary to create a thorough, competitive application are encouraged to reach out to take advantage of external support resources. This includes: 

• Advocacy organizations such as:
  • The Consortium for School Networking
  • The State Educational Technology Directors Association 
• State E-rate coordinators
• Third-party E-rate consultants

Protecting Your District's Digital Future with Linewize

The FCC's pilot program is a significant step toward improving cybersecurity in K-12 education. By providing targeted funding, this program can help schools build effective defenses against rising online threats. 

This initiative not only addresses current digital challenges, but also lays the groundwork for a more secure future in education.

The following two Linewize solutions for student safety may be covered or reimbursed with FCC funding:

School Manager

School Manager is a content-aware, hybrid filter designed to assess network traffic beyond the URL for both managed and unmanaged devices. 

Key security features include the ability to: 

• Protect all smart devices on your school network, such as smart boards
• Assess individual pages on any webpage —  including new, uncategorized, and proxy sites
• Blur harmful and inappropriate images in real-time 
• Monitor bandwidth utilization across all network activity
• Filter devices from anywhere without a proxy, tunnel, VPN, or additional certificates
• Check all traffic beyond the standard web ports 80, 443, and 53
• Deliver automated reports detailing attempts to get around the filter via VPNs and other workarounds

Linewize Monitor

Linewize Monitor is a student online threat detection solution that helps school districts detect online risks before they become critical real-life incidents.

Linewize Monitor supports your school with several key safety features:

• Provides 24/7 human moderation to alert and notify you to serious student safety concerns
• Analyzes student online behavior across all apps and websites on student-issued devices, including documents, emails, chat applications, and more
• Alerts your designated staff when vulnerable students reveal personally identifiable information online
• Maintains compliance with all four iKeepSafe certifications (the only solution of its kind to hold all four)

Conclusion

At Linewize, our goal is to partner with school districts with an integrated suite of safety solutions designed to enhance your digital safety strategy and reinforce a fortified infrastructure.

Meet with our team to learn more about our Digital Safety & Wellbeing Framework — and how we can support your current and future needs.