Your Comprehensive Guide to School Cybersecurity Resources

For every size school or district, a strong focus on cybersecurity is here to stay. Just like academic achievement, student well-being, and diversity and inclusion, protecting your data should be built into K-12 planning and initiatives. Over the past few years, cybersecurity has consistently been a top priority for education technology directors, according to CoSN’s annual survey.  

And for good reason.  

Between 2016 and 2021, there was more than one K-12 cyber incident every school day for a total of 1,331 incidents. In 2022, ransomware attacks impacted 45 school districts representing 1,981 schools. 

And speaking of ransomware, the average recovery time is 287 days, at an average cost to schools of $268,000.  

Keys to improving your cybersecurity include: 

• Ongoing training
• Best practices for all users (including students and families)
• Quality technology with proven security measures in place 
• Partnership with leading edtech vendors who prioritize protecting your data 

To help improve your data security, we’ve assembled resources covering each of these areas, as well as information on self-assessment to see where you are, costs and budgeting, and stories from fellow districts to hear how they’re improving data security.  

6 Must-Have School Cybersecurity Tips and Training Resources 

Unfortunately, bad actors constantly look at new and innovative ways to access your data and cyberattacks are continually evolving. Schools and districts have to be savvy and stay a step ahead—through ongoing training, researching, and implementing best practices for all users of their systems.   

This blog, School Cybersecurity: 5 Tips for Digital K-12 Operations, offers best practices for improving cybersecurity in an increasingly digital education landscape. Since the COVID-19 pandemic, many school operations, teaching, and learning have shifted online, potentially putting your data at additional risk of cybercriminals.  

The whitepaper, K-12 Security Tips That Will Protect Student Data Today, was written in partnership with PowerSchool’s chief information security officer and dedicated security staff. It offers practical steps to protect student data involving collecting information, encryption, password management, and network defense and endpoint protection. The whitepaper also provides guidelines for identifying safe edtech and vendors that can help boost your security.  

Check your cybersecurity readiness with this checklist:
Is Your District Ready for Cybersecurity Threats this Back to School? 

Learn tips for creating a successful K-12 cybersecurity plan, including mitigation, communication, continuous training, and remediation. Compiled specifically for principals, but applicable to any administrator, A Principal’s Guide to Promoting Digital Citizenship and Student Data Security offers specific tips for elementary schools, middle schools, high schools, and for principals themselves.  

To help overcome human error, which is the No. 1 factor of K-12 cyberattacks, check out the infographic, How to Build and Fortify a Human Firewall. It covers five areas to focus on and provides tips for real-life scenarios to implement recommendations.  

Safeguarding Edtech: Strategies for Protecting Your School’s Data  

According to the latest State of K-12 Cybersecurity: Year In Review by K12six, in 55% of all school data breaches from 2016-2021, edtech products were responsible as the entry point. That’s why it’s critical to make sure you’re partnering with companies with proven data security measures in place to help protect your sensitive student, staff, and school information.  

Choosing interoperable products is a great start. Tech directors can learn how to improve student data security and privacy through interoperability, or visit the interoperability resource hub for on-demand webinars, blogs, case studies, and more. Throughout each of these resources, you’ll learn the value of interoperability, including data security and efficiency, data insights, and ROI.   

Hosting edtech products on the cloud can also significantly improve your security standing. Quality cloud hosting providers have implemented the highest security standards and best practices. This blog on 5 ways moving to edtech cloud hosting can benefit your district walks through specific benefits of cloud hosting, including heightened security.  

And for specific product data security, the K-12 Student Information Buying Guide is your comprehensive source for what to look for in a secure, flexible, and future-ready SIS.  

How to Vet Your Edtech Partners 

In line with choosing secure edtech products, you also need to partner with companies that prove their commitment to protecting your student, staff, school, and district data. Your software vendor should be a good custodian of your student data—taking all reasonable and appropriate countermeasures to ensure data confidentiality, integrity, and availability.  

As the leading software provider for K-12 education in North America, PowerSchool has a proven track record of protecting student data. Some of our security features include:  

• Dependence on a Security Operations Center (SOC) 
• ISO 27001 certified 
• Helping our customers create standard security audits 
• Partnering with certified companies
• Featuring security vulnerability tracking  

Learn more about PowerSchool’s security in this blog from Rich Gay, our chief information security officer, along with his own tips for your school or district.  

Data privacy is also a top priority at PowerSchool. Find out how Data Privacy is at the Heart of What We Do from Darron Flagg, our chief compliance officer. You’ll learn about our commitment, role, and how we uphold privacy laws like FERRPA and COPPA to protect your data.  

Put your partners to the test in the 20-Point Cybersecurity Inspection for Edtech Vendors  

Securing K-12 Data: Strategies and Success Stories  

In 2022, Los Angeles Unified School District suffered a highly publicized cyberattack over Labor Day weekend. Find out how the district was prepared, and their immediate first steps after the attack, in this blog, Top Lessons from One of the Biggest Recent K-12 Cyberattacks. You can also hear Jack Kelanic, LAUSD’s Senior Administrator/IT Infrastructure, speak about the event, along with the benefits cloud hosting can provide for improved security, in this on-demand webinar, Moving to the K-12 Cloud, Security Questions Answered.  

Hear from a chief technology officer and instructional coach for digital learning in this video, Norwalk Public Schools Speak to the importance of Cybersecurity. They speak about how their district focuses on digital citizenship for students and parents.  

A pair of customer stories are highlighted in these case studies showing the benefits cloud hosting provides. In Resting Easy in the Cloud: Lake Highland Experiences Lasting Benefits with PowerSchool Hosting, you’ll learn how this Florida district has improved data security, as well as experienced significant cost savings, fewer disruptions, less stress on technology staff, and improved reliability.  

Also, learn how Torrington Public Schools saves $360,000 over five years by switching to hosting and reducing infrastructure and staff costs. In addition to those significant cost savings, the district is also pleased with the added security for its small technology team.  

“We don’t have a person working specifically on security. If something bad were to happen, you’re already pulled in so many different directions, so you don’t have the time and resources to quickly address the issue. But now, it’s all being handled by professionals with the right equipment and security systems in place. It’s very comforting,” says Torrington’s director of information technology.  

Unlocking Funds for Cybersecurity: A Comprehensive Guide for Schools  

Cybersecurity can be costly, especially for smaller technology teams with limited time and budgets. But at the same time, the costs of cyberattacks can far outweigh any preventative costs. The average cost of a data breach across all industries is $4.24 million. And school districts can expect additional costs outside of the actual breach, as class-action lawsuits will no longer require proof of actual harm.  

In Your Guide to Understanding and Reducing K-12 Cybersecurity Costs, we look further at how cyberattacks impact schools and districts and outline steps schools and districts can take to reduce the cost of cyberattacks.  

And finally, A Superintendent’s Guide to Federal Cybersecurity Grants offers multiple resources for accessing local, state, and federal funding for cybersecurity efforts. We provide explanations and tips for taking advantage of the $1 billion State and Local Cybersecurity Grant Program and how PowerSchool can help you meet requirements.