Over the past few years, K12 technology leaders have witnessed a significant uptick in the number of cybersecurity-related threats targeting public schools. As a result, school administrators worry they lack sufficient resources to combat this alarming trend.
That’s according to Clever’s latest “Cybersecure 2024” report, a snapshot of some of the most pressing issues in K12 cybersecurity based on responses from more than 800 school administrators across the country.
The report suggests that at least one in three districts ranked a lack of dedicated cybersecurity personnel as their “top challenge” in safeguarding their schools, which mirrors similar findings published by CoSN last year which revealed a lack of cybersecurity resources and budget restraints among K12 district leaders to combat cyber threats.
Districts that experience a cyberattack are more likely to express a need for additional resources to invest in cybersecurity safeguards.
“Our collaborative stance on cybersecurity was strengthened by experiencing a major ransomware attack,” Christy Fisher, chief technology officer at Normal Public Schools, said in the report. “It emphasized the need for cybersecurity insurance and the critical role of cross-departmental cooperation in negotiating and understanding the financial aspects of cyber risk.”
However, some 53% of administrators say their districts is spending “less than they should” on cybersecurity technology. Fortunately, 73% foresee their cybersecurity budget to expand in the next two to three years.
Additionally, leaders (96%) are starting to recognize that cybersecurity is a team effort that requires shared responsibility between IT, leadership, administrators and school staff. Yet, only 17% report that their current security strategies actually reflect this team-based mindset.
More from DA: Sending teachers to FETC 2024? Tell them to check out these 3 sessions
David Shulkin, director of learning and information technology at Bloomfield Hills Schools, shared with the researchers how he’s able to foster a team-based culture despite a lack of resources.
“To avoid the pitfalls of compliance fatigue, we’ve adopted a strategy of integrating simple, actionable cybersecurity advice into our everyday routines, making it more digestible for our staff,” he stated in the report. “Our limited funding means we can’t always expand our cybersecurity team. Hence, we approach cybersecurity as a ‘team sport,’ emphasizing the need for trained staff at all levels and the critical role of funding in this endeavor.”
Additional findings
- 89% of districts are looking into new tech tools to bolster cybersecurity protections while prioritizing the following safeguards:
- Enhancing identity and access management systems (44%)
- Stronger data encryption methods (31%)
- Zero-trust security architecture models (26%)
- One in two districts report having updated their vendor security criteria in the past two years.
- 55% foresee further changes in the years ahead.
“An ounce of prevention goes a long way in cybersecurity efforts,” Erin Mote, executive director and co-founder of InnovateEDU, said in the report. “Developing trainings for teachers and students alike to develop cyber-literacy can be among the most effective ways to eliminate the threat. Districts can also partner with cyber insurance providers to take advantage of discounts and free services—like risk assessments—they might offer to understand risks and develop a plan to eliminate them.”
