3 in 4 Administrators Expect a Security Incident to Impact Their School This Year -- THE Journal

Research

3 in 4 Administrators Expect a Security Incident to Impact Their School This Year

By Rhea Kelly
02/06/25

In an annual survey from education identity platform Clever, 74% of administrators admitted that they believe a security incident is likely to impact their school system in the coming year. That's up from 71% who said the same last year. Notably, the number of respondents reporting cyber attacks also increased: 36% in this year's survey compared to 31% last year.

For its Cybersecure 2025 Report, Clever surveyed more than 500 school administrators across the United States in Q4 2024 to get their perspective on the state of cybersecurity in K-12 education. About 52% of respondents had IT leadership roles, including director of IT, chief information officer, chief technology, and IT manager. Just 1.5% of respondents held a cybersecurity specialist role, perhaps reflecting a pervasive lack of cybersecurity resources in the field. In fact, respondents ranked cybersecurity staffing shortages as their biggest challenge (cited by 37%, compared to 32% last year), with budget constraints the second most pressing issue (cited by 23%).

Other key findings include:

Only 5% of students have multi-factor authentication protection, compared to 90% of teachers and 95% of IT staff.
1 in 4 school systems report an increase in cyber attacks targeting student accounts.
Just 24% of respondents feel "very confident" in their ability to protect student digital identities.
70% of respondents believe AI is increasing cybersecurity risks.
46% of school systems have some kind of process for evaluating AI in ed tech products, but only 9% have established formal vetting procedures.
More than half of respondents (53%) said their cybersecurity spending is insufficient to meet demands.

The report offers the following recommendations for schools and districts:

Prioritize student account protection, as students are prime targets for cyber attacks;
Modernize identity and access management by implementing a zero-trust security model supported by automated identity and access management tools;
Choose security solutions that reduce reliance on devices (which are often restricted for students) for multi-factor authentication; and
Partner with vendors, state agencies, and the ed tech community to create a transparent, effective cybersecurity ecosystem.

The full report is available on the Clever site (registration required).

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

E-Mail this page

Printable Format

Featured

Microsoft Unveils 'Computer Use' Automation in Copilot Studio

Microsoft has announced a new AI-powered feature called "computer use" for its Copilot Studio platform that allows agents to directly interact with Web sites and desktop applications using simulated mouse clicks, menu selections and text inputs.
2025 Predictions: Cybersecurity in K-20 Education

What should K-12 and higher education institutions expect on the cybersecurity front in the coming year? Here's what the experts told us.
CoSN Launches Campaign Advocating for Congressional Support for K-12 Cybersecurity

CoSN, the professional association for K-12 ed tech leaders, has launched a national advocacy campaign urging Congress to maintain federal support for cybersecurity assistance in K-12 education.
Challenges and Opportunities Ahead for the 'Great Chromebook Refresh'

During the pandemic, the education community scrambled to provide students with laptops to promote online learning equity and mitigate learning loss. Today, those devices are approaching the end of their useful lives — and a "great Chromebook refresh" has been predicted as schools seek to replace them with newer models.