I just read with interest the article entitled “Feds recruit schools in cyber security effort” by Corey Murray (May 2003, http://www.eschoolnews.com/news/ showStory.cfm?ArticleID=4376). I really don’t have any complaints about the article’s expression of need. Security of public school networks is a vital concern for schools and for the nation. I guess what I find missing are the really important pieces.
The article states that school leaders can easily “push network security out of the way.” That is true! However, what isn’t discussed are the reasons. If school network security is such a priority, where is the funding to conduct security audits and to purchase the needed hardware and software to achieve a higher level of security? Public school budgets already are strained to such an extent that many schools push “having access by students” to the exclusion of other network considerations. The public-private cooperation that is stated in the article is fine, but conducting security audits and correcting deficiencies isn’t free. Schools do have a role, but where is the support for these efforts from the federal government?
Frankly, all I see are lofty objectivesand the expectation that someone else besides the federal government is going to pay for it. Unfunded mandates have been a problem for decades. For the government now to come along and preach cyber security in schools is a joke, because they really don’t mean it. Anything they really mean, they fund properly. I would find an article on how much money the federal government is providing to develop educational technology in foreign countries versus what they doing in this country very interesting.
Please do not conclude that I am opposed to securityfar from it. I have spent a considerable amount of my own money to learn more about network security from the SANS Institute. It is a crying need. What I object to is no real mention of fundingor lack of itin the article. I would like to have seen an estimate of how much a security audit would cost and what it would cost to correct obvious problems. If local school systems are expected to fund these initiatives themselves, then critical security improvements are never going to happen.
Paul M. Picard,Information Technology Resource Teacher/Network Manager Wallingford (Conn.) Board of Education