The United States K-12 education system has been in a state of change for many years. The focus is to provide students with the best education possible in an ever-changing world. The use of technology has been one way to provide a more efficient and effective education. This has allowed students to learn from anywhere at any time. The use of technology has also helped students to learn in different ways, whether it be a physical activity or through the use of a computer program. However, despite the amazing help of technology towards education, one thing is for sure, this has also introduced the rise of malicious cyber threats.


As we increasingly rely on new technologies, our educational institutions have become increasingly vulnerable to cyberattacks. These attacks can have a significant impact on the delivery of critical education services, and the resulting strain on resources can be a burden on our educational institutions. This threatens the nation’s ability to educate our children.


There are a number of factors that contribute to this vulnerability. First, new technologies are often not fully tested before they are implemented. This can leave potential security vulnerabilities unaddressed. Second, educational institutions typically have limited resources dedicated to cybersecurity. This can make it difficult to adequately protect against all potential threats. Finally, the nature of education means that there is often a need to share information between different institutions and individuals. This sharing of information can create opportunities for cybercriminals to gain access to sensitive data.


The best way to address this challenge is to ensure that educational institutions have adequate resources dedicated to cybersecurity. As the school year comes to a close, administrators, superintendents, and other leaders at every K–12 institution should be taking a close look at their cybersecurity posture. With the COVID-19 pandemic upending traditional education models and forcing more schools to turn to distance learning, there has never been a greater need to ensure that students’ data is protected.


There are a number of steps that can be taken to improve cybersecurity at K–12 institutions, but some investments will have a greater impact than others. Chief among these is the deployment of multifactor authentication (MFA). MFA adds an extra layer of security by requiring users to provide not just a username and password, but also another piece of information such as a code from a mobile device or hardware token. This makes it much harder for attackers to gain access to accounts, even if they have stolen credentials. Another top priority for K–12 entities should be mitigating known exploited vulnerabilities. Cybercriminals are constantly on the lookout for software with known vulnerabilities that they can exploit for their own gain. By patching these vulnerabilities as soon as possible, K–12 entities can make it much harder for attackers to get in.


Implementing and testing backups is another critical step that should not be overlooked. In the event of a successful attack, having good backups in place will help ensure that data can be recovered quickly and with minimal disruption.


Additionally, it is important to raise awareness of the importance of cybersecurity among all members of the educational community. By taking these steps, we can help reduce the vulnerability of our educational institutions and protect our children’s future.