CISA Announces Secure by Design Pledge with K-12 Education Technology Providers

FOR IMMEDIATE RELEASE
Tuesday, September 5, 2023
Contact: CISAMedia@cisa.dhs.gov 

CISA Announces Secure by Design Pledge with K-12 Education Technology Providers

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) is announcing a voluntary pledge for K-12 Education Technology software manufacturers to commit to designing products with greater security built in. As of September 1, CISA has received commitments from six K-12 software technology providers, including some of the largest providers of K-12 education software in the United States. Commitments received include PowerSchool, Classlink, Clever, GG4L, Instructure, and D2L.

“We need to address K-12 cybersecurity issues at its foundation by ensuring schools and administrators have access to technology and software that is safe and secure right out of the box,” said CISA Director Jen Easterly. “I want to thank Classlink, Clever, D2L, GG4L, Instructure, and PowerSchool who have already signed this pledge and for their leadership in this area. We need all K-12 software manufacturers to help us improve cybersecurity for the education sector by committing to prioritize security as a critical element of product development.”

Companies that sign the pledge are publicly agreeing to adopt three principles:

• Take ownership of customer security outcomes
• Embrace radical transparency and accountability
• Lead from the top by making secure technology a key priority for company leadership

The pledge includes specific, publicly measurable outcomes that the companies are committing to as they develop their roadmaps toward adhering to Secure by Design principles.

Learn more about this voluntary pledge and sign it today by visiting: cisa.gov/k-12-education-technology-secure-design-pledge.

###