Quarter of K–12 Admins Surveyed Reported a Cyber Incident in Past Year

Clever Research Shows Differences Among Teachers, Administrators on Vulnerabilities, Needs, Spending Plans

  • By Kristal Kuykendall
  • 01/12/23

In a recent survey conducted by single sign-on provider Clever, 25% of administrators responding said their district had experienced a hack, phishing incident, data breach, or other cyberattack in the past year.

Clever’s new report, “Cybersecure 2023: The State of Data Security and Privacy in K–12 Schools,” shares results from its survey of nearly 4,000 U.S. school administrators and educators, conducted in October 2022. The research was conducted by Whiteboard Advisors.

The respondents included more than 800 administrators, including those with ed tech or instructional tech roles; over 3,000 teachers from all grade levels, according to Clever’s report.

The survey reveals that teachers underestimate cyber risks when compared to administrators and overestimate the potential vulnerabilities posed by students and staff.

“Only 11% of teachers surveyed said they thought a cyberattack on a school near them would be ‘very likely,’ while 25% of administrators said that their district had already experienced a cyberattack in the past year,” the report said.

Of those administrators reporting their district had experienced some type of cyber incident in the past year, two-thirds cited phishing attacks targeting staff email.

Graphic from Clever Cybersecure 2023 report on types of incidents reported by K-12 respondents

On their views of biggest vulnerabilities, 67% of teachers responding to the survey said they consider students as the biggest risk for a security incident, with teachers representing the second-biggest risk according to respondents.

Just 6% of teachers ranked administrators or technology staff as posing the biggest potential cybersecurity risk.

Administrators, on the other hand, reported a “more diffuse sense of the potential risk,” Clever said. Administrators responding to the survey were three times more likely than teachers to assign cybersecurity risk to administrators.

Graphic from Clever Cybersecure 2023 report on K-12 educators' thoughts on vulnerabilities

Similarly, when asked about data privacy, administrators were five times more likely than teachers to “believe their peers in administration are the biggest vulnerability,” the report said. They were also far more likely than teachers to report a belief that their ed tech vendors pose a risk to student data privacy.

When asked about their cybersecurity posture and readiness, more than half of administrators, or 63%, and 53% of teachers said they feel their districts were prepared for digital security challenges. Nearly all the teachers responding (91%) said they were “very confident” in their knowledge of their schools’ acceptable use policy, 90% were “very confident” in their knowledge of student data confidentiality practices, and 89% were “very confident”’ in their understanding of the importance of good password management.

Teachers and administrators both responded that devices were the “most vulnerable part of their technology infrastructure,” but administrators reported other potential risks, too: Administrators were twice as concerned as teachers about vulnerabilities from curriculum and instruction software, and four times as concerned about risks posed by administrative platforms such as an LMS or SIS.

Graphic from Clever Cybersecure 2023 report on educators' beliefs about technical infrastructure vulnerabilities

Since the pandemic-era explosion in the use of digital learning tools, over half of administrators responding reported an increase in staff training and informal conversations about digital security. Yet only 25% of teachers responding said they had experienced more additional training. Two-thirds of teachers surveyed reported they wanted to learn more about topics related to data privacy and security.

graphic from Clever Cybersecure 2023 report on educators' reported interest in additional digital security training

In looking ahead at digital security needs, plans, and spending, three of four districts responding said they planned to increase their spending on security and privacy over the next two to three years, according to Clever’s report.

  • 51% of districts responding said they've used federal stimulus funding to support student data privacy and/or cybersecurity during the pandemic.
  • 77% of administrators responding said they expect their district's spending on digital security to increase over the next two to three years, which includes the 12% of respondents that answered "it will increase significantly."
  • 18% of administrators said digital security spending will not change.
  • 4% answered "it will decrease," and 1% said "it will decrease significantly."

Read more or download the full survey report at Clever.com.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • glowing digital human brain composed of abstract lines and nodes, connected to STEM icons, including a DNA strand, a cogwheel, a circuit board, and mathematical formulas

    OpenAI Launches 'Reasoning' AI Model Optimized for STEM

    OpenAI has launched o1, a new family of AI models that are optimized for "reasoning-heavy" tasks like math, coding and science.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.

  • clock with gears and digital circuits inside

    Report Estimates Cost of AI at Nearly $300K Per Minute

    A report from cloud-based data/BI specialist Domo provides a staggering estimate of the minute-by-minute impact of today's generative AI boom.

  • glowing lines connecting colorful nodes on a deep blue and black gradient background

    Juniper Intros AI-Native Networking and Security Management Platform

    Juniper Networks has launched a new solution that integrates security and networking management under a unified cloud and artificial intelligence engine.