CIS Study Finds 82% of K-12 Organizations Experienced Cyber Threat Impacts in the Past 18 Months

A new report from the Center for Internet Security highlights the increasing sophistication, frequency, and impact of cyber attacks against K-12 schools. The 18-month study collected data from more than 4,600 schools and districts, including responses to CIS's 2023 and 2024 Nationwide Cybersecurity Review, MS-ISAC member feedback, services data, direct reporting data from the CIS Security Operations Center, data from CIS Cyber Incident Response Team engagements, and threat data from the CIS Cyber Threat Intelligence Team.  

Eighty-two percent of reporting K-12 organizations said they had experienced cyber incidents in the past 18 months. Nearly 14,000 security events were observed, with 9,300 confirmed incidents. Notably, attacks surged during high-stakes periods like the beginning of the school year or exams — times when restoring services is most critical. "The timing of attacks may demonstrate increasing sophistication of cybercriminals and a move toward strategic targeting K-12 organizations during the academic calendar's pressure points," the report said.

Attacks targeting human behavior exceeded other techniques (such as exploiting technical vulnerabilities) by at least 45%. Malvertisement — using deceptive ads to lead users to malware or phishing scams — was the top malware infection vector, representing 63% of attack methods. "The trend toward attacks that target human vulnerabilities highlights the adaptability of threat actors, who are now exploiting the inherently supportive and trusting characteristics of educational settings," the report noted. "Teachers, administrators, and support staff, whose primary focus is helping students succeed, now find themselves on the front lines of cybersecurity defense."

The report's cybersecurity recommendations reflect the importance of the human element. In addition to implementing technical controls and frameworks, institutions must empower users, boost security awareness, and foster community resilience, the report emphasized.

"Our research shows that K-12 organizations can achieve significantly better security outcomes when they … foster an environment where every individual understands their vital role in protecting their school community," the report asserted. "While cybersecurity measures often focus on the technical aspects of securing the environment, integrating a human-first approach to security mirrors what K-12 organizations are already doing to address types of threats such as tornadoes or fires. K-12 organizations should develop environments where everyone who accesses the network — from administrators to substitute teachers — feels they are a crucial part of the security team."

The full report is openly available on the CIS site

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • Abstract geometric shapes including hexagons, circles, and triangles in blue, silver, and white

    Google Introduces Its Most Advanced AI Model Yet

    Google has launched Gemini 2.5 Pro Experimental, a new artificial intelligence model designed to reason through problems before delivering answers, a shift that marks a major leap in AI capability, according to the company.

  • A geometric pattern of open Chromebook computers with bold outlines, subtle shading, and soft gradients, spaced evenly with vibrant green and blue accents on a neutral background.

    Challenges and Opportunities Ahead for the 'Great Chromebook Refresh'

    During the pandemic, the education community scrambled to provide students with laptops to promote online learning equity and mitigate learning loss. Today, those devices are approaching the end of their useful lives — and a "great Chromebook refresh" has been predicted as schools seek to replace them with newer models.  

  • illustration showing a large lock and shield, with school and tech icons like a graduation cap, laptop, and school building

    K12TechPro Launches Cybersecurity Resource Center for K-12 Education

    K12TechPro, a community for technology professionals in education, has introduced the K12TechPro Cybersecurity Hub, a collection of resources designed to bolster cybersecurity in K-12 education.

  • teacher and children working with a LEGO Education Science kit

    LEGO Education Debuts Science Kits for Hands-on Learning

    LEGO Education has announced a new learning solution to engage students in hands-on science learning. Available in three kits by grade band, LEGO Education Science provides 120-plus standards-aligned science lessons, teacher materials, and select LEGO bricks and hardware.