New Report Finds Cybersecurity Staffing Shortage as Top Concern for School Districts

Tuesday, January 23rd, 2024

Clever, the platform used by more than 75% of U.S. K-12 schools to simplify and secure digital learning, today released Cybersecure 2024, their annual survey of school administrators offering an in-depth look at the state of cybersecurity across the U.S. K12 landscape.

The survey of over 800 administrators, conducted in Fall of 2023, illuminates the challenges and opportunities for schools in strengthening cybersecurity. 1 in 3 districts ranked lack of dedicated cybersecurity personnel as their top challenge in safeguarding schools, in line with similar findings from CoSN that many district leaders lack sufficient cybersecurity resources and face budget constraints. In fact, 50% of districts also reported wanting to spend more on cybersecurity than they currently do, underscoring the growing need for investments and preparation. This need is evidenced by one district's experience with a major ransomware attack:

"Our collaborative stance on cybersecurity was strengthened by experiencing a major ransomware attack, said Christy Fisher, Chief Technology Officer, Norman Public Schools. "It emphasized the need for cybersecurity insurance and the critical role of cross-departmental cooperation in negotiating and understanding the financial aspects of cyber risk."

Moreover, while 96% of administrators reported cybersecurity as something that should be a collaborative effort, only 17% reported their strategies truly reflect this team-based approach. As evidenced by these findings, cybersecurity must involve all staff – from IT staff to individual employees –  in awareness, training and prevention efforts to create a culture of shared data/system protection responsibility. Other key findings from the report, which features perspectives from more than 800 administrators, include:

+        Growing Cybersecurity Threats: Phishing and ransomware are identified as the biggest threats, with 80% of administrators concerned about phishing attacks.

+        New Cybersecurity Tools: 89% of districts want to adopt new tech tools to enhance protection, with a focus on identity and access management systems, data encryption, and zero-trust security models.

+        Increasing Vendor Scrutiny: Half of U.S. districts have updated vendor security criteria in the past 2 years; 55% are planning more changes in the year ahead.

The report also provides practical recommendations for districts, including emphasizing user-friendly cybersecurity tools, establishing clear criteria for evaluating and selecting edtech vendors and partners, and mobilizing mindshare around cybersecurity by training all staff roles.

In response to the report findings, Trish Sparks, CEO of Clever, underscored the people-first aspect of cybersecurity: "It's not just about technology — it's about people too. To keep schools safe, everyone involved—tech providers, admins, and teachers—needs to know cybersecurity best practices. Tools like MFA must be easy to use, making it more likely for everyone to use them and keep schools secure."

To learn more about the state of cybersecurity in K-12 education, read the full report here.