Cybersecurity in Schools: Battling the New Digital Frontier

The Rise of Cyberattacks in Education

Brandon Gabel, the technology director for Agua Fria Union High School District in Arizona, began his January morning in 2024 expecting an ordinary day of remote work. However, by 8:30 a.m., his world had turned upside down as he scrambled to his office, fielding calls from the FBI, Arizona homeland security, and various insurance providers. The school district had just fallen victim to a new wave of cyberattacks sweeping the nation.

“They were in our network for a few hours before I cut the VPN [virtual private network] and shut them out,” Gabel recounts. Thanks to state-funded cybersecurity tools, including CrowdStrike, which handle endpoint protection and response (EDR), the attackers left empty-handed.

About five months prior, Gabel had devised an incident response plan. When the attack struck, they implemented the plan swiftly. Nonetheless, this near-miss highlighted a sobering reality: schools have become battlegrounds in a digital war.

A Shocking Reality

According to a report by the nonprofit Center for Internet Security, an alarming 82 percent of reporting schools experienced cyber incidents between July 2023 and December 2024, with over 9,300 confirmed breaches. Once considered a corporate issue, cybertroubles have transformed into a widespread nightmare for educational institutions.

From Playground to Battleground

Not long ago, the biggest digital headaches for schools were broken laptops or slow Wi-Fi. Now, the stakes have reached existential levels. Districts house sensitive information on thousands of children and families, including addresses, medical details, and financial records for meal payments. The ramifications of stolen data can lead to identity theft and fraud, leaving children particularly vulnerable as compromised identities often go undetected for years.

Furthermore, data breaches can inflict reputational and financial harm on districts, making them attractive targets for cybercriminals. “It’s not the prince in Africa anymore,” notes Chantell Manahan, director of technology at MSD of Steuben County in Indiana. “With AI, phishing emails look legitimate now.”

The Human Firewall: A Cultural Shift

As threats evolve, school districts are recognizing that the first line of defense is not just software—it’s people. Training for teachers, administrators, staff, and students to identify potential dangers has become just as critical as conducting fire drills or lockdown procedures.

Manahan recalls an incident where a staff member nearly clicked a malicious link disguised as a routine Amazon gift card offer. If an experienced tech employee could be deceived, she argued, everyone was susceptible.

Her district has since embraced a model where cybersecurity training is a shared responsibility. “We’ve empowered every educator to be a digital guardian,” she states. Tech staff complete courses through platforms like Udemy, while all employees have access to KnowBe4 and CyberNut training. This year, she aims to extend CyberNut’s offerings to high school students.

Incentives Drive Reporting

Other districts have emphasized the importance of incentives. For instance, Couture’s team rewards staff with Swedish Fish for reporting suspicious emails. “The training shouldn’t feel punitive,” he states. “It should reward people for vigilance.”

These simple gestures foster a culture where reporting suspicious emails becomes a point of pride rather than a chore. A collaborative spirit emerges as everyone becomes involved in defending the school network.

Challenges for Small Districts

Not every district has equal access to resources in this cyber warfare. Wealthier and larger systems can recruit extensive tech teams and advanced defenses, while smaller communities often struggle.

In Medway, Massachusetts, Richard Boucher oversees IT for both schools and the town. “My network engineer and I devote over half our day to cyber defense,” he shares. Their layered defense includes various protections such as AI-powered email filtering and continuous vendor monitoring. During an unannounced penetration test, Sophos alerted them in just two minutes, validating the effectiveness of their vigilance.

However, Boucher acknowledges that their success stems from careful prioritization and significant local investment, resources that remain out of reach for many districts. This is where state partnerships become vital.

Creating a Culture of Cyber Safety

Successful districts are beginning to frame cybersecurity as a cultural issue rather than just a checklist of technologies. Amy McLaughlin from the Consortium for School Networking advocates for the term “cyber safety,” emphasizing collective responsibility. “We all know how to lock school doors; this is the electronic version,” she explains.

This cultural shift fosters creative engagement. In Indiana, for example, Manahan distributes CyberNut socks to avid reporters of phishing attempts and commemorates Cybersecurity Awareness Month with Goldfish crackers labeled “Don’t Get Phished.”

The Importance of Fundamentals

Despite advancements in technology, experts agree that the fundamentals often represent the weakest link. Timely patching of outdated systems, addressing known software vulnerabilities, auditing accounts, and enforcing strong passwords can significantly thwart potential attacks.

“Focus on the biggest risks,” advises William Stein from Mt. Vernon MSD in Indiana. “Up to 40 percent of breaches start with patching problems.” Gabel has experienced this firsthand, having found that prior tech teams left behind outdated service accounts, which ultimately facilitated the attack. “Audit, audit, audit,” he stresses.

Building Resilience

The journey ahead involves focusing not on acquiring more tools but on fostering resilience in both systems and communities. Districts are shifting from reactive firefighting to proactive planning through tabletop exercises and collaboration networks, akin to emergency response systems.

These collaborative agreements enable schools to share tech staff and resources during crises, ensuring no school has to face a cyberattack alone. McLaughlin encourages districts to foster collaboration rather than isolation: “No one should be doing this alone.”

While attackers require only one vulnerability to succeed, defenders must protect against all possibilities. Nonetheless, districts are proving that preparation, creativity, and teamwork can help shift the odds.

Reflecting on his recent experience, Gabel acknowledges, “We were lucky, but we were also ready. If we hadn’t invested in training, partnerships, and fundamentals, the story would have turned out very differently.”

Conclusion

The digital landscape for schools is fraught with challenges, but proactive measures and a cultural commitment to cybersecurity can create safer environments for students and staff alike.