Friday Institute and NCDPI Partner to Support NC’s Digital Learning Plan Through Data Privacy and Cybersecurity

School shuts down when technology does. This was Ashley McBride’s experience as the tech director of a North Carolina school district when a fiber optic cable was cut, leaving a school without access to the internet. Everything came to a stop, said McBride. For starters, teachers had to rethink and restructure some of their lessons, and they couldn’t quickly take and record attendance. Sometimes lack of control of a school’s technology can also impact communication between schools and its central office, school safety measures (such as badge readers), utilities and more, according to Samuel Carter, systems architect at the Friday Institute for Educational Innovation.  

“Schools have to be able to guarantee those things,” said Carter. “Cybersecurity plays an intimate role in protecting each of those things that a school needs to operate. If they can’t guarantee some minimum level of acceptable functionality on these, they can’t have school. It doesn’t take much to shut one of those things down.”

Data privacy and cybersecurity are a key piece of the 2022 North Carolina Digital Learning Plan (NCDLP), created by the North Carolina Department of Public Instruction (NCDPI). This detailed plan provides data, action steps and metrics for North Carolina’s Digital Learning Initiative. 

To support public schools who need help meeting their digital learning needs, NCDPI builds trainings around topics where the most support is needed. One of those trainings, the Digital Leader’s Exchange, is where “a shared vision for digital teaching and learning is established and communicated with all stakeholders” to “effectively plan and implement action steps to carry out the shared vision.” Since Sept. 2023, NCDPI has been leading these sessions on each piece of the digital learning plan. The Friday Institute has attended and presented at each of these sessions since the first session on data privacy and cybersecurity, partnering with NCDPI to educate North Carolina public school admins and staff.

The last session of the year, held in April, focused on leadership and end-of-the-year processes. The Friday Institute staff presented on these activities from a cybersecurity perspective, including end-of-year management and planning for the KnowBe4 Console, a tool to manage cybersecurity and awareness skills training, and end-of-year processes and procedures for essential cyber hygiene. There are about 100 active consoles/public school units who currently use NCDPI’s free offering of the KnowBe4 platform.

“Knowledge is power,” said Jacob French, director of digital teaching and learning for Hoke County Schools. “It’s been valuable to have a tool that you can basically set and forget. It’s not really set and forget, but we can build out our plan for the year, schedule it ahead of time, know that folks are getting the content that we’ve targeted to them, and then respond in a smart, interactive way.” 

The Friday Institute has supported NCDPI’s Digital Learning Plan from the start, built upon its early work in digital learning, research and connectivity. They published the first NCDLP in 2015 with NDCPI. In response to the NCDLP, the General Assembly allocated funds to NCDPI to create the North Carolina Digital Learning Initiative (NCDLI) in partnership with the Friday Institute in order to enact the recommendations in the plan.

“We appreciate the Friday Institute and where they’ve partnered with us in the digital learning plan in the past, especially in data privacy and cybersecurity and their research pieces too,” said McBride, digital learning initiative section chief for NCDPI. “I know that they’ve done some research for us, and that’s been good. I mean, they help us to make sure that our schools are safe.”

When the NCDLP was updated in 2022, data privacy and cybersecurity was elevated to its own piece of the plan to raise awareness of its importance to superintendents, state leaders, school boards and the legislature. 

“This is a core component,” said Tim Wease, Public School Unit (PSU) cybersecurity specialist at NCDPI. “This is important. We need to do these things to protect our student privacy. We need to do these things to ensure effective learning environments and safe learning spaces for our students that are protected and help to ensure they don’t suffer a cyber attack or inhibit some sort of loss of instruction during a cyberattack.”

In 2021, NCDPI established the K-12 Cybersecurity Program to provide a full K-12 cybersecurity support system for North Carolina public schools at no cost. The Friday Institute for Educational Innovation is a key partner in this program. The Friday Institute’s role in the K-12 Cybersecurity Program is to create, maintain and manage tools that inform and automate cybersecurity functions for North Carolina public schools; provide strategy and expertise; and train and disseminate information to help schools connect to the internet efficiently and securely. The Friday Institute is involved in eight distinct work streams for the program that collectively create and support a robust defense against cyber risks.

“The organization would not have been able to provide that support to our PSUs without them,” said Wease. “They’ve brought a lot of operational capacity and also a lot of high-level knowledge. There’s a balance there because they bring some expertise that PSU people might not have; but we also balance each other out I think because we bring the PSU experience.” 

The Friday Institute staff supporting the cybersecurity program includes Senior Director of the Technology Infrastructure Lab Ray Zeisz, Carter and Cybersecurity Analyst Amir Lawrence, who have helped more than 60 PSUs create incident response plans and facilitated more than 200,000 educators completing over a half million cybersecurity training modules. Wease said the Friday Institute team was instrumental in adapting the incident response plan to better fit schools and going throughout the state to train PSUs to be ready for a cyberattack.

“I think this partnership with the Friday Institute, MCNC, DPI and all of the schools together kind of collaborating on the same topic is really essential to all of us,” said Doug Noell, director of IT operations for the Chapel Hill-Carborro School District. “I don’t think the outsiders have a chance anymore.”