Cross-posted on the EdTech Strategies blog:

As quoted in:

Herold, Benjamin. “K-12 Cybersecurity Lessons Learned From ‘Constant Barrage of Attacks’.” Education Week. 19 March 2019.

“Relying solely on ad hoc efforts to manage school cybersecurity risk is like playing football without a helmet,” said Doug Levin, the CEO of consulting group EdTech Strategies, which operates the K-12 Cybersecurity Resource Center. “The digital threats facing schools today are greater than they have ever been, and it is only a matter of time before a preventable incident blindsides a member of the school community.”

The K-12 Cybersecurity Resource Center documented 122 publicly reported cyberattacks on schools in 2018. Well over half resulted in the sensitive data of students or staff being compromised. That’s probably the tip of the iceberg.


Levin said it’s critical that districts not wait to take basic steps.


“Just like we know that eating right and exercising can lead to a healthier life, there are basic cyber hygiene practices—such as deploying anti-malware and anti-phishing technology, ensuring IT systems are backed up, implementing multi-factor authentication, and offering user training—that can make a big difference,” he said.