Dive Brief:
- Cybersecurity topped ed tech leaders’s concerns for a sixth straight year in the Consortium for School Networking’s 10th annual State of Ed Tech national survey.
- Despite ed tech leaders’ persistent sounding of the alarm over cybersecurity, only one-third of districts surveyed said they have a full-time employee focused on network security, CoSN found.
- Some 12% of districts said they do not allocate any funds for cyber defense, according to CoSN’s survey. Two-thirds of ed tech leaders said they don’t believe their district has enough resources to handle cybersecurity issues,
Dive Insight:
Rounding out ed tech leaders’ top concerns were: network infrastructure, data privacy and security, and IT crisis preparedness.
“While the adoption of practices to improve cybersecurity in K-12 is on the rise, so too are the number of bad actors specifically targeting K-12 schools,” the report’s author wrote.
Although federal efforts are slowly ramping up to support K-12 cybersecurity, the CoSN survey illuminates there’s still a long way to go — especially as the severity of cyberattacks grows.
The Medusa ransomware gang claimed responsibility in March for a cyberattack against Minneapolis Public Schools and threatened to publicly release the district’s sensitive data. More recently, Minnesota’s Rochester Public Schools and Alabama’s Jefferson County Schools faced separate cyberattacks over their spring breaks, forcing them to quickly shut down their networks.
Iowa’s largest school district, Des Moines Public Schools, also had to cancel classes for a few days following a cybersecurity incident on its network.
At the federal level, the bipartisan and bicameral Enhancing K-12 Cybersecurity Act was introduced in Congress in April, though no movement on the bill has developed since.
The legislation seeks to strengthen school cybersecurity protections by promoting access to cybersecurity best practices for K-12 leaders and improving cyberattack tracking nationally. The bill would also allocate up to $20 million over two years for schools for new cybersecurity resources.
The White House in March released its National Cybersecurity Strategy. K-12 technology experts expressed cautious optimism that the plan will help support schools enough to receive much-needed cyber defense upgrades.
However, these experts said the plan could help shift cybersecurity responsibilities away from schools and onto ed tech companies. Additionally, there’s hope in the K-12 space that the plan could ramp up momentum to update the E-rate program to cover school and library cybersecurity upgrades like advanced firewalls.
Keith Krueger, CEO of CoSN, previously told K-12 Dive that he is hopeful the White House strategy will focus more on combating ransomware and building up and diversifying the pipeline for cybersecurity professionals.
As the latest CoSN survey noted, districts are strapped to find or fund full-time staff dedicated to school network security.
Even so, other K-12 cybersecurity professionals have suggested some workarounds for addressing this cybersecurity staffing need now, such as relying on a third party to manage cyber defense operations or sharing a chief information security officer with other districts.