It’s Time to Think Differently: Why a District Cybersecurity Ecosystem Is Critical Today
Project Tomorrow’s annual Speak Up Research® Project has documented the evolution of technology use, both from an instructional and operational perspective, within K-12 education since 2003. Starting in 2017, the Speak Up results have also included a focus on K-12 districts’ cybersecurity preparations. That focus was further defined in 2021 with a dedicated Speak Up survey to more fully understand the views and values held by school district leaders on their overall readiness to address cybersecurity challenges. This new dedicated research focus is generously supported by iboss, a longstanding Project Tomorrow partner.
In this second year of the research, nearly 1,300 district administrators and technology leaders from a representative cross section of school districts nationwide completed an online survey in spring 2022 sharing with us their views on the state of K-12 awareness and preparation for effective cybersecurity. Our analysis of the resulting data from this second annual 2022 iboss-Project Tomorrow K-12 Education Cybersecurity Research Study and the firsthand insights from district leaders nationwide underscores the imperative that it is time to think differently about K-12 cybersecurity and notably, the urgent need for a more shared accountability and responsibility for cybersecurity.
It is our hope that this new executive report will be a clarion call that resonates from the classroom to the school board meeting for every district to implement a cross organizational strategy and a new cybersecurity ecosystem within their district to combat the present and future threats to the security of their district technology assets. To support that work, this report identifies and discusses three specific findings from the Speak Up research that can provide district leaders with a starting point for developing a roadmap for their district’s cybersecurity preparation.
Summary of this year’s K-12 Cybersecurity Findings:
- The increased visibility about high profile cyber-attacks within K-12 districts over the past year has significantly elevated the level of awareness and concern throughout the leadership ranks in K-12 districts.
- However, those higher levels of awareness and concern within district leadership teams have not translated yet into more appropriate policies and processes within the district to adequately prevent an attack and prepare for one when it does happen.
- Implementing the appropriate changes will require that K-12 district leadership re-think the differentiation of roles and responsibilities for cybersecurity and create a new districtwide cybersecurity ecosystem that provides the foundation for sustainable new policies and procedures to adequately protect district digital assets including student and staff personal data.