Cybersecurity: Proactive Measures to Stay Secure

Proactive Leadership Regarding Cybersecurity in School Systems edLeader Panel recording screenshot

Watch the RecordingListen to the Podcast

This edLeader Panel is presented by CoSN and AASA.
Sponsored by ClassLink

When it comes to cybersecurity, the old adage rings true: a good offense is your best defense. Experts during the edLeader Panel “Proactive Leadership Regarding Cybersecurity in School Systems” stressed schools need to know that it’s not a matter of IF a breach will happen but WHEN, and proactive planning is the most effective protection schools can provide right now.

Dr. Gustavo Balderas, Superintendent of Beaverton School District (OR), remembered his “aha” moment at the White House Cybersecurity Summit for K-12 Schools. Larger districts in California described having explicit cybersecurity plans with precisely what to do, look for, and who to call—some had direct channels to security specialists, even to the White House. “It stuck with me,” he said, because most districts, especially smaller ones, may not have that kind of detail or level of expert access.

According to CoSN’s 2023 State of EdTech Leadership Survey, since 2018, cybersecurity has remained the number-one concern for EdTech leaders and is one of the most sought-after topics for professional learning.

How do you protect your district? What exactly are you protecting against?

The Top 5 Cybersecurity Threats

Dr. Peter J. Aiken, Superintendent of Central York School District (PA), said districts need to be on their toes because hackers can be relentless. Recently, his district experienced a data breach where a hacker changed payroll information, stealing direct deposit funds from two employees. Dr. Aiken said the team quickly marginalized the attack and, with a post-event analysis, helped stop future attacks.

Central York’s data breach is one of the five most common threats schools experience, including:

  1. Phishing
  2. A Distributed Denial-of-Service (DDoS)
  3. Data Breach
  4. Ransomware
  5. IoT (Internet of Things) Vulnerabilities

All panelists said they had experienced one or more of these threats, including a phishing campaign that tried to divert millions of dollars away from a new school fund, a DDoS attack that stifled network access during state testing, and a ransomware virus that captured secure files, demanding payment for release. Luckily, all were thwarted. Dr. Mark D. Benigni, Superintendent of Schools for Meriden Public Schools (CT), said cyberattacks are an ongoing, unfortunate reality because more and more people are intent on hacking school systems.

Strategies To Prevent Cyberattacks

District leaders can do a lot to prevent attacks. A detailed plan for identifying, mitigating, and addressing risks tops the list. However, Dr. Benigni said creating an open line of communication and training all teachers, students, and staff can also be the first line of security. Make cybersecurity training part of annual training, share best practices, and help all students become good digital citizens. According to Dr. Aiken, professional learning has to be continuous and timely because it only takes one person to click on the next “malicious dancing monkey meme accidentally.”

Leaders can find many comprehensive and free resources to create plans, audit networks, and identify vulnerabilities, including CoSN Cybersecurity Resources and AASA School Safety & Cybersecurity Resources.

What To Do in an Attack

Responding during and after an attack also requires strong communication. The panelists couldn’t emphasize enough how vital pre-planning and preparation guide decisions during an attack. Ideally, your action plan fills the gaps when stress levels skyrocket and everyone reacts.

Dr. Balderas recommended building relationships with local law enforcement, including federal agencies in the area. They can help with critical communication. Another tip—cyberattackers are often unaware if the attack worked. A general message noting “technical difficulties” can keep attackers in the dark while authorities secure a breach. Dr. Benigni said the best approach includes notification, mitigation, recovery strategies, and contacting law enforcement.

What Are the Risks?

According to Ann McMullan, Project Director for the CoSN/AASA EmpowerED Superintendents Initiative, cybersecurity should be a top priority. Real risks exist both personally and professionally.


School systems and leaders can be held liable for network security. Dr. Aiken said today’s liability risk necessitates a thorough insurance policy. Dr. Benigni added that a data privacy and security firm can also be a strategic partner.


State laws require districts and partners to abide by specific security standards. Dr. Balderas mentioned using the information gained in annual local and state audits to ensure legal compliance and planning. Dr. Benigni also recommended looking at vendors to ensure they’ve taken the necessary steps.


An attack can damage the district’s or individual’s reputation, especially in highly visible breaches. It’s ripe for frustration or mistrust when the public wants more details than the limited information allowed to be released. According to the panelists, having a communications plan can salvage trust in uncertain times.

Impacts on Instruction

When an attack occurs, educators or students may lose valuable digital time or access to important learning programs. The panelists recommended helping teachers prepare before an attack happens with alternative learning that avoids precious lost instruction time, like going old school by using paper and pencil.

Student Records

Maliciously modified records have far-reaching consequences, affecting a student’s college admission and more. The panelists recommended multi-factor authentication and training as preemptive solutions. Staged phishing campaigns can uncover holes in training and identify security weaknesses, too.

Learn more about this edWeb broadcast, Proactive Leadership Regarding Cybersecurity in School Systems, presented by CoSN and AASA, and sponsored by ClassLink.

Watch the RecordingListen to the Podcast

Join the Community

Super-Connected is a free professional learning community for school superintendents, district leadership, and aspiring district leaders.

AASAAASA is the premier association for school system leaders and serves as the national voice for public education and district leadership on Capitol Hill.

CoSN CoSN (the Consortium for School Networking) is the premier professional association for school system technology leaders. CoSN provides thought leadership resources, community, best practices and advocacy tools to help leaders succeed in the digital transformation. CoSN represents over 13 million students in school districts nationwide and continues to grow as a powerful and influential voice in K-12 education.


ClassLink is a global education provider of identity and analytics products that create more time for learning and help schools better understand digital engagement. As leading advocates for open data standards, we offer instant access to apps and files with single sign-on, streamline class rostering, automate account provisioning, and provide actionable analytics. ClassLink empowers 19 million students and staff in over 2,500 school systems. Visit to learn more.

Love learning with ClassLink


Article by Suzanne Bell, based on this edLeader Panel