In an effort to stymie online theft of financial aid at California’s 116 community colleges, the campuses may soon receive about $100 million in total to beef up their cybersecurity.
The $100 million funding plan was brought Tuesday to lawmakers as an information item during a hearing of the Assembly’s budget subcommittee on education finance. The spending, initially proposed in January by Gov. Gavin Newsom, was endorsed by the Legislative Analyst’s Office, a nonpartisan office that gives fiscal and policy advice to the Legislature. The subcommittee’s staff also signaled support.
“Our system needs a strong investment in technology resources, especially cybersecurity. The severity of our needs continue to increase,” Lizette Navarette, executive vice chancellor of the community college system, said during Tuesday’s hearing.
Lawmakers did not vote on the proposal, but none expressed dissent to it. Lawmakers and Newsom must agree to the budget by this summer.
The system’s 116 colleges have been dealing with security breaches since last year and have reported tens of thousands of attempts by scammers to apply and enroll. An EdSource survey of colleges last year found that hundreds of thousands of dollars were lost to the scammers, although the actual figure could be much higher. Often, the attacks have targeted a piece of the $1.6 billion that the federal government allocated to California’s community colleges for emergency financial aid as part of Covid-19 relief packages.
Navarette said during Tuesday’s hearing that one of the state’s 73 community college districts experienced a breach just last month, though she did not specify which district.
Under Newsom’s proposal, $25 million would be ongoing funding that the colleges would receive annually, mainly to increase cybersecurity staffing at the colleges. The remaining $75 million would be one-time support for the colleges and would pay for upgrades, such as anti-fraud technology and new security software.
The Legislative Analyst’s Office sees “a lot of merit” in Newsom’s proposal, said Paul Steenhausen, a policy analyst focusing on community colleges for the LAO. “Maintaining information security and preventing fraud is really critical,” Steenhausen added during the hearing.
Staff for lawmakers on the committee agreed with the LAO’s assessment. “More spending and more positions related to cybersecurity does seem warranted, given recent attempts to defraud the system to gain access to federal and state financial aid,” they wrote in an agenda item for Tuesday’s meeting.
The LAO has suggested that the Legislature give the system $23 million as a starting point to hire cybersecurity staff across the colleges. The LAO estimates that would be enough to cover at least one full-time person dedicated to cybersecurity at each of the colleges, though in the agenda for Tuesday’s meeting, the LAO added that districts with more than one college may eventually warrant more funding.
For technology and security upgrades at the colleges, the LAO is recommending that lawmakers give the system $69 million and direct the chancellor’s office to allocate the funding based on each of the college’s specific needs, not just on enrollment. Colleges that are less prepared to combat hackers, for example, would receive more funding than colleges of the same size that are more prepared.
“So trying to lift up all the colleges to a minimum level of cybersecurity, given that the case now is that there are pretty different levels of preparedness,” Steenhausen said.
During Tuesday’s hearing, lawmakers also reiterated their desire to shut down Calbright, the state’s online-only community college that focuses on job training. Under Assembly Bill 2820, the college would cease operating by 2024 and money for Calbright would be reallocated to fund basic needs centers and student housing at the state’s other 115 colleges.
Calbright opened in 2019 and was designed as an alternative to traditional colleges, aiming to serve adult learners looking to get job training rather than associate degrees.
Ajita Talwalker Menon, CEO of the college, testified Tuesday that Calbright should remain open, saying the college has doubled its enrollment since July and “has met every milestone” outlined in its founding legislation.
“It’s important to remember that we’re still actually quite early in our seven-year startup period,” she said.
Lawmakers appeared unimpressed, pointing to low completion rates. By the end of 2021, just 70 students completed a certificate out of 748 that were enrolled.
Assemblymember Kevin McCarty, D-Sacramento, chair of the subcommittee that met Tuesday, argued that instructional changes during the pandemic showed that Calbright isn’t needed. He pointed out that colleges across the state shifted their instruction entirely online at the onset of the pandemic and continue to offer many courses in that fashion.
“So if we have colleges who are thriving and their faculty are learning how to do Zoom education, why do we need this experiment? It seems that it was an experiment and it’s not working,” he said.
To get more reports like this one, click here to sign up for EdSource’s no-cost daily email on latest developments in education.