The Federal Communications Commission received more than 2,700 applications for its pilot program to help schools and libraries fund cybersecurity projects, representing a total of $3.7 billion in requests, according to the agency.
But the pilot program, which was approved by the FCC in June, will provide a total of $200 million to eligible schools and libraries to help them purchase advanced firewalls, antivirus protection technology, and other cybersecurity equipment. That will likely leave many applicants without any of the FCC cybersecurity support or with less than what they requested.
The application window was open from Sept. 17 through Nov. 1. In that time, the FCC received applications from schools and libraries in all 50 states, Puerto Rico, and the District of Columbia, including those in rural and urban communities, according to the agency’s news release.
“The overwhelming response to our pilot program makes clear that the cybersecurity threats impacting school systems are widespread,” said FCC Chairwoman Jessica Rosenworcel in a statement. “The Pilot Program provides an excellent opportunity to both learn from these varied experiences, and also test out solutions in different environments.”
Cybersecurity has been the top concern for district technology leaders for more than five years, according to the nonprofit Consortium for School Networking, or CoSN. Cyberattacks can cost districts millions of dollars and days or weeks of missed learning time.
The education sector has one of the highest rates of ransomware attacks
The cybersecurity risk score for the education and nonprofit sectors has jumped from “moderate” to “high” between 2022 and 2024, according to Moody’s Ratings, a global credit rating provider. The highest score is the “very high” level.
The education sector—which includes K-12 schools and colleges and universities—has reported one of the highest rates of ransomware attacks during that time period, and the costs of cyber incidents have more than tripled in the past year, according to the Moody’s report. The education sector is also among the least prepared when it comes to protecting against cyber incidents, the report said.
The Moody’s report shows that cybersecurity “is not something we can just ignore and hope for the best,” said Keith Krueger, the CEO of CoSN. It’s “a shot across the bow that every superintendent, school board, and finance officer has to care about cybersecurity.”
The high cyber risk could also mean higher cybersecurity insurance rates for school districts, Krueger said.
“We don’t need to wait any longer to see that there’s an urgent demand [for cybersecurity funding],” he said.
The Steuben County school district in Indiana is among the applicants for the FCC’s pilot program, said Chantell Manahan, the district’s technology director.
The district’s last cyber incident was about nine years ago, Manahan said. The attacker encrypted some files, but the district was able to easily restore all the data without having to pay ransom because it had good backups. But she said it could happen again and it could be worse especially with cyberattacks getting more sophisticated.
The Steuben County district has used state and local funding, as well as partnerships with universities, to provide cybersecurity training for staff and buy cybersecurity equipment, Manahan said. The district has also used ESSER funds to pay for other cybersecurity needs.
If the district receives funding from the FCC’s pilot program, Manahan said she would use it to fund endpoint detection and response technology, which continuously monitors computers and services to detect suspicious activity. She said she did a trial run with a company last school year and was “really impressed” by what it was able to alert the district to.
“I don’t think it’s going to take three years to prove the impact” of the cybersecurity grants, Manahan said. “Those districts who are fortunate enough to be part of the pilot are definitely going to be in a better position than those of us who are not.”
The uncertain future of the E-rate program could affect cybersecurity support
The cybersecurity grant program follows years of advocacy for additional federal resources for cybersecurity by the CoSN, the Council of the Great City Schools, the State Educational Technology Directors Association, National School Boards Association, and other education groups. Closing the digital divide has been one of Rosenworcel’s top priorities.
FCC Commissioner Brendan Carr, President-elect Donald Trump’s pick to lead the agency, had voted against the pilot program because he didn’t think it was within FCC’s authority, though he agrees it’s important for schools to have resources they need to secure their networks.
Krueger from CoSN said he hopes the high demand for this pilot program will lead the FCC to modernize the E-rate program to include cybersecurity. The E-rate program, which was created in the mid-1990s to improve school and library internet connectivity, is also administered by the FCC and is paid for primarily through the Universal Service Fund, which is financed through fees on telecommunications services. CoSN and other education groups have been advocating for modernizing the program so that it could also be used to fund cybersecurity upgrades.
“It’s great to have broadband, it’s great to have Wi-Fi, but if it’s not safe and secure, the whole thing is not usable,” he said.
The future of the E-rate program is at risk, however. The U.S. Supreme Court has agreed to take up a case about the constitutionality of the funding mechanism for the Universal Service Fund, which distributes some $4 billion annually under the E-rate program for connecting schools and libraries to the internet.
