A new survey indicates 75 per cent of US K-12 school districts will increase spending on security and privacy in the next two to three years as 25 per cent of teachers report that cybersecurity training is missing in their district.
Digital learning platform Clever surveyed more than 800 US-based school administrators and more than 3,000 US-based educators and discovered the two groups have different opinions about security vulnerabilities as the district edtech stack increases.
According to Clever’s data, three out of four districts say they will increase their spending on security and privacy in the next two to three years. While more than half of administrators (63 per cent) and teachers (53 per cent) believe that their district is prepared to take on digital security challenges, one in four teachers report that cybersecurity training is missing altogether in their district.
Last year, over 90 per cent of educators said they will continue to use at least some of the digital tools they adopted during the pandemic, as schools increasingly embrace devices and digital platforms to enable individualised instruction and student support. But with the expanded access to technology comes greater responsibility on schools and their edtech partners to protect the information these tools may collect. In 2021, nearly a million students were impacted by 67 ransomware attacks against schools, costing over US$3.5 billion in downtime.
The data suggest that educators and administrators perceive the risks in schools differently: only 11 per cent of teachers said a cybersecurity incident would be very likely, but one in four administrators say their district already experienced a hack, phishing incident, data breach, or other cyber attacks in the past year.
Cybersecurity is a team sport
"Creating a safe digital learning environment requires that everyone -- administrators, educators, students - play a role," says Mohit Gupta, who oversees security products at Clever. "Cybersecurity is a team sport, and the differences highlighted in the survey offer us a path forward to address vulnerabilities in our schools. While the groups differ on where the risks exist, they agree on what can be done: more training for educators, the use of security tools, and increased specialised staff."
Clever's Cybersecure 2023 report also found that teachers and administrators see devices as the greatest tech vulnerability in their district. Teachers (34 per cent) and administrators (34.3 per cent) believe that devices are the most vulnerable part of their technology infrastructure. However, administrators are more aware of potential risks elsewhere as well: they're five times more concerned about vulnerabilities from administrative platforms like a learning management system or student information system, and nearly three times more concerned about vulnerabilities from applications used for curriculum and instruction.
When it comes to identifying risks around human usage of technology, administrators think teachers are the most likely source of security vulnerability, but teachers think students are. Teachers, responsible for their own safe use of technology and appropriate use by their students, see students (67 per cent) as the biggest risk for a security incident, followed by teachers (27 per cent). In contrast, two-thirds of administrators believe that teachers pose the highest vulnerability threat, and only 19 per cent believe it to be students. Administrators were also three times more likely than teachers to say administrators are vulnerable.
Teachers and administrators agree on what can be done to improve digital security. Both groups believe the three most important activities to support security are more educator training, more or better technology solutions, and more staff focused on technology. Two-thirds of teachers indicated they would want to learn more about topics related to data privacy and security.
One in four teachers says cybersecurity training is missing altogether in their district. While most administrators and educators report that privacy and security training happens in their district, 26 per cent of teachers say they never receive training on privacy or security – representing a big opportunity for districts to shore up their practices.
Increasing challenges means increased spending, and a total of 65 per cent say their spending on digital security will increase over the next two to three years; another 12 per cent say it will increase significantly, and a majority say that federal stimulus dollars are helping support their efforts.