Most schools underprepared for cybersecurity threats

A new report from endpoint management company Action1 shows cyber incidents have become the norm in schools worldwide, with most IT leaders now adopting a more realistic view of their cybersecurity readiness.

But despite rising budgets, persistent staffing shortages and structural barriers continue to leave learning environments exposed to increasingly sophisticated threats, especially AI-driven phishing and ransomware.

Two thirds of school IT leaders now rate their cybersecurity maturity as only moderate, while high confidence dropped from 30 percent last year to 18 percent, reflecting a clearer understanding of today’s complex threat landscape.

“Education systems remain a top target for cyber criminals, and while school leaders are becoming more clear-eyed about the risks, many are still stretched thin,” says Mike Walters, president and co-founder of Action1. “This year’s report shows real progress in how schools approach cybersecurity, but persistent structural limitations, including staffing shortages and outdated infrastructure, continue to leave learning environments vulnerable.”

The report finds 89 percent of schools experienced at least one incident in the past year -- primarily phishing, unauthorized access, and malware -- with reported impacts including data exposure, learning disruption, and financial or reputational harm.

While more schools report stable or increasing cybersecurity spending, nearly 40 percent still feel underprepared for ransomware, and 74 percent lack a dedicated cybersecurity specialist.

Half of school IT leaders still view ransomware as a serious threat to learning continuity. However, a striking 92 percent expect AI-powered phishing to be the most dangerous threat in the coming year, overtaking ransomware.

The full Cybersecurity in Education report is available from the Action1 site.

Image credit: denisismagilov/depositphotos.com