Ed Sector More Prepared For Cyber Attacks Than Others

A recent study shows the Education sector is more prepared for cyberattacks than others. But is it enough?

By Erika Hanson | Published

Pediatricians Say Children With Head Lice Should Remain In School


Cybersecurity is a growing area of concern across the nation. Not even the education sector is immune, as reports say that America is the most targeted country for cybersecurity-related attacks. With an increasing threat, it’s vital that the education sector protect itself and students from such threats, and a recent report believes that education as a whole is the most prepared industry in the United States for possible cyberattacks.

Immersive Labs, a U.K.-based company that works with clients globally on cyber threat preparedness, released a report last week showing the findings. They conducted simulations to measure the readiness of different industries for cyberattacks. The report included simulations from 2,100 international organizations running 500,000 individual exercises that ran over 1500 different simulated cyber-related attacks. 

To measure these results on cyberattack readiness, simulations were performed over an 18 month period. The education industry, including K-12 and higher education, outperformed nearly every other industry, including technology, transportation, and healthcare. Likewise, the education sector was the most likely to pay ransoms in the simulated situations, with a quarter of teams giving in to ransom demands.


 There are a few speculations as to the reasoning education industries were more likely to give in to ransom demands. For one, the potential threat to children’s safety may be a large factor. But more importantly, the education sector’s demonstration of collaboration during cyberattacks signifies a strong ability to prevent and deter such threats to schools. 

In the simulations, the education sector used 21 participants on each threat whereas most others only used six. Experts working on the study said that spreading the workload in regards to potential cyberattacks and responses has many benefits. It gives more employees a wider pool of knowledge, skills, and judgment to aid in finding solutions. 

While the study seemed promising, the company also analyzed the frequency of times each industry performed cyber attack exercises. They found the education sector ranked low with an average of two exercises a year. But on the contrary, one expert working on the report said that overplanning can only hinder cybersecurity efforts. Overplanning can often lead to bias, which could be detrimental in certain situations. 


Schools systems across the U.S had a record number of reported cyberattacks in 2021. The rate at which industries like this one will be targets of cybersecurity attacks is thought by many to increase significantly in the coming years. SETDA, a national association of U.S. Ed-tech and IT leaders, released its first-ever Cybersecurity and Privacy Collaborative landscape scan. The report called on federal policymakers and local education leaders to collaboratively increase efforts to stop potential threats through increased information sharing and to commit significant, sustained resources and training. 

Entrepreneurs Bill and Melinda Gates funded the Cybersecurity and Privacy Collaborative through SETDA. The learning community focuses on cybersecurity advocacy in education. Its mission is to support and increase school tech needs. They emphasize the importance of state education leaders taking a larger role in cyberattack deflection efforts as they believe states need to set cybersecurity in schools as a priority.

As more school districts look to new ways to use up COVID relief funds, many are looking to ramp up technology. But as schools continue to increase through tech, the need for more measures to stave off cyberattacks grows. Hopefully, the education sector is really as prepared as studies suggest.