CoSN Survey of IT Leaders Shows Ransomware Underestimated, Cybersecurity Still Woefully Understaffed — THE Journal
K-12 IT Status Report
CoSN survey of computer leaders shows ransomware is underestimated, cybersecurity still has unfortunate endowment
The latest state-of-the-art survey of the state-of-the-art Consortium on School Networking building reveals that despite warnings from various agencies and growing incidents of ransomware attacks targeting K-12 schools, IT leaders they continue to underestimate the risk of ransomware in their districts, with only 8% of respondents. describe ransomware as “high risk”
The survey, conducted in February by MCH and K12 Insight, included responses from more than 1,500 IT professionals in public schools, according to the report recently released by CoSN.
The results of the survey also showed that school district IT departments remain understaffed, especially in providing remote support to students and staff and in managing cybersecurity risks, according to the report. only 21% of districts report having a full-time dedicated employee who oversees cybersecurity. .
In addition, amid the shortage of manpower for K-12 IT staff, nearly a third of respondents said they plan to retire in the next five years, CoSN said.
Main conclusions: Infrastructure
K-12’s IT priorities have changed during the COVID-19 pandemic, the report notes. “The ability to run video conferencing software has become a mandatory requirement for purchases of new devices used in education” and the number of respondents reporting video conferencing issues has declined since last year . “More than three-quarters of respondents are prioritizing devices that have Wi-Fi 6 enabled, and the vast majority have replaced BYOD (bring your own device) strategies with 1: 1 strategies provided by the school, even in primary school “, CoSN. dit. “To address off-campus connectivity, most districts now offer district-owned Wi-Fi hotspots for students who do not have home connections.”
- 84% of respondents’ network devices are owned by the district.
- Only 4% of respondents said the district-owned devices comprise 50% or less.
- Middle schools have the highest 1: 1 implementation rate with 86%, followed by high schools with 83%; grades 3-5 is 81%; grades K-2 is 73%.
- 5% of respondents said all their students have adequate access to broadband at home; 7% reported that most of their students have adequate access to home.
- 41% of respondents reported that only 10% of their students do not have broadband access at home.
- 10% said between 31 and 50% of students in their district do not have broadband at home.
- 33% said that between 11 and 30% of students in their district do not have access to a home.
- 81% of districts use a variety of strategies to help students access broadband at home:
- The most popular method is to provide Wi-Fi hotspots, reported by 67% of respondents.
- 10% work with libraries to provide loan points.
- 33% promote federal broadband benefit programs for low-income families.
- 24% promote services sponsored by providers with reduced monthly rates.
- 19% offer free or subsidized access directly to low-income families.
- 14% offer Wi-Fi on school buses.
- 55% of districts have a typical 1 Gbps connection speed between the wireless access point and the local area network.
- 4% of districts have multiples of 1 Gbps.
- 17% of districts reported slower speeds of 100 Mbps, while 2% reported speeds of only 10 Mpbs.
Key results: cybersecurity
- 21% of districts have a full-time equivalent employee dedicated to network security, the same percentage as last year’s survey, CoSN said. “This means that the protection of cybersecurity is a part-time responsibility in a large majority of school districts.”
- 34% said cybersecurity management is managed with a “shared responsibility approach in which cybersecurity functions are performed by more than one employee,” compared to 53% in the 2021 survey.
- 21% of districts outsource cybersecurity management:
- 7% to a public service organization through local or state government or a school district cooperative
- 14% to a private sector provider
- 65% used computer staff training and 63% reported using end-user training to improve cybersecurity.
- 55% use best off-site backup practices.
- 54% encourage staff to update their password.
- 30% of districts do not require any cybersecurity training for their teachers, administrators or staff.
- External hacker threats and ransomware attacks were rated as low or low / medium risk by 37% of districts, compared to 42% who rated threats from students and staff (including human error). ) as low or medium / low risk.
- Only 12% believe that fishing scams are high risk to the security of their network.
- Less than one in ten (8%) of respondents believe they are at high risk of ransomware software attack.
- Assessing their own ability to address cybersecurity issues, 47% felt a little prepared, almost a third (32%) felt more prepared, and 12% felt very prepared. Only 3% felt very prepared.
- 62% of districts purchase cybersecurity insurance and another 3% plan to buy it.
Main conclusions: Acquisition and interoperability
- 52% of IT professionals surveyed have a “great involvement” in the acquisition of digital teaching materials, including 19% acting as the final decision maker. Another 22% are part of the team that evaluates purchases.
- 53% of districts have more than half of their teaching materials in digital format. Only 21% of districts have more than 75% digital.
- 78% of districts have processes in place to review and allow the introduction of free tools into their digital ecosystems; 56% of the districts represented in the survey require a review by the IT department.
- 22% of districts do not have an established process for reviewing free tools.
- 82% of districts said lack of interoperability affects operational efficiency.
- 48% of districts said that solutions such as manual data entry, extraction, transformation, upload procedures, exports / imports of flat data files, FTP and other sending / transfer methods of data affect its operational efficiency at least moderately, including the 12% that said it affects efficiency to a large or very large degree. About a third said they are affected to a lesser degree.