New survey finds cybersecurity is a priority, but many district leaders feel unprepared.
District Administration (DA) partnered with ENA to develop a survey exploring the state of cybersecurity in K-12 school districts. It was deployed to the DA audience in April 2022, and 280 school administrators from around the country participated.
While most said that cybersecurity was a priority for them and their communities, only a small percentage felt that they were very prepared to deal with a cyberattack, and many lacked the resources, staffing, or funding necessary to adequately protect their systems and data.
Responsibilities, challenges, and priorities
The first question asked respondents to identify who in their district held primary responsibility for their cybersecurity strategy.
Overwhelmingly, administrators said this was the responsibility of IT leadership, such as the CIO/CTO/Director of Technology, or district-level IT personnel. When it came to identifying the biggest cybersecurity challenges in their districts, the leading answer selected was “Competing priorities” at 41%, followed closely by “Inadequate funding” (37%), “Teachers and staff don’t see cybersecurity as a priority” (32%), and “Lack of a comprehensive cybersecurity strategy” (29%).
Other common challenges included “Lack of technology leadership or expertise” (15%) and “District leaders don’t see cybersecurity as a priority” (12%). When asked specifically how much of a priority cybersecurity was to different stakeholder groups, there was a significant disparity between district leadership and parents.
Who in your district holds primary responsibility for your cybersecurity strategy?
Some 23% of respondents said that cybersecurity was a “High priority” and 49% said it was a “Priority” for their district’s leadership and local school board. In contrast, just 7% said it was a “High priority” and 35% said it was a “Priority” for their parents, caregivers, and community, while 47% said this was a “Low priority” for that same group.
At the same time, when asked how concerned their district’s parents were about student data privacy and security, some 92% said this was some level of concern, while just 7% said this was not a concern at all.
Preparedness to deal with cyberattacks
When asked to describe how prepared they thought their district was to deal with a cyberattack event, a small percentage said that their district was “Very prepared.”
Some 24% of respondents said that their district had experienced a cybersecurity attack or event in the past three years. Of those who had, just 16% said their district had dealt with the event “Highly effectively,” while 49% said they had “Effectively,” and 25% said they had only “Somewhat effectively.”
Of those who said that their district had experienced a cybersecurity attack or event in the past three years, just 16% said that their school system had dealt with the event “Highly effectively.”
All respondents were also asked what percentage of their budget was earmarked for cybersecurity resources and tools.
20% said it was “0-1%” and 23% said it was “2%-5%,” but the most respondents by far (48%) said they were “Unsure” how much of their budget was allocated for cybersecurity.
How prepared would you say your district is to deal with a cyberattack event?
“Education has become the most targeted sector by cybercriminals, and many school district networks and data are vulnerable,” says Michael McKerley, President of ENA. “This survey showed that while cybersecurity is a priority for many district leaders, and student data security is a priority for parents, school districts often lack the funding and resources required to prevent or mitigate cyberattacks.”
“With these threats continuing to increase and evolve, education communities can look to experienced and trusted technology partners like ENA to provide them with the cybersecurity expertise and solutions needed to protect their students and communities.”
ENA provides a robust portfolio of cybersecurity services and solutions to help keep your network and data secure, so you can focus on what matters most: providing high-quality education opportunities to your students.
