Cybersecurity in K-12 Schools: Preparing for & Responding to Current Threats

Get ready! The Learning Technology Center will host a cybersecurity workshop in Chicagoland on Thursday, April 4, starting at 8 am CST. In this workshop, participants will gain insights into identifying and addressing cybersecurity incidents, crafting effective disaster recovery strategies, navigating the digital landscape with a robust cyber guide, and actively participating in a simulated incident response scenario. By the end of this session, you’ll be better equipped to enhance your organization’s cybersecurity posture, fostering resilience and preparedness against evolving cyber threats.


Eric Muckensturm
Cybersecurity Specialist, Learning Technology Center

Duane Shaffer
Network and Information Technology Specialist, Learning Technology Center

Jared Lynn
Director of Technology Services, Learning Technology Center

Building Your Cyber Incident Response Team

When you’re blindsided by a sudden cyber attack, it pays to have a band of heroes you can call upon to save the day. Fortunately, that’s exactly what a cyber incident response team (CIRT) is for.

Think of them like the Avengers. They might not protect your universe from alien invaders, but they do keep malicious cybercriminals at bay.

Let’s uncover the basics of CIRTs and how you can build the best team for your district’s cybersecurity needs.


cyber incident response team — also known as a computer incident response team or computer security incident response team (CSIRT) — is a group of people responsible for responding to security breaches, viruses, and other potentially catastrophic cyber threats.

CIRTs are essential to the overall incident response process. Each security team member plays a particular role in mitigating an active threat, but together, they cohesively executive your school district’s incident response plan (IRP).

In short, an IRP is a formal document that establishes the requisite steps, instructions, and procedures your school district should follow for detecting, containing, and minimizing the impact of an attack on your information technology (IT) infrastructure. Generally speaking, incident response planning provides a comprehensive framework for mitigating a cyber incident, whether it be a security breach, data leak, or any other threat to sensitive information and student privacy.

With a well-crafted IRP, you can:

  • Jump into action: Incident response planning helps you act faster, which is key to preventing bad actors from getting their paws on more personal information.
  • Prevent downtime: The sooner you contain a threat, the quicker you can bring affected systems back online. And, if you’re really fast, you can even prevent the attack from forcing information technology offline in the first place.
  • Improve recovery: With a smoother and more effective incident response process, you can avoid critical damage that requires implementing a disaster recovery plan.

However, these outcomes aren’t possible without a computer security incident response team at the helm. A CIRT’s main goal is to regain control of an ongoing cyber incident as quickly and efficiently as possible, thereby minimizing its negative impact. This involves following the National Institute of Standards and Technology (NIST)’s four-step framework for incident handling:

  1. Preparation
  2. Detection and analysis
  3. Containment, eradication, and recovery
  4. Post-incident activity

Not familiar with these phases? Check out our guide to learn more.

For now, just know the CIRT is responsible for completing each phase’s essential procedures. These include gathering threat intelligence, communicating events to internal and external stakeholders (such as law enforcement), classifying incidents, threat hunting, coordinating response efforts, post-incident reporting, and updating information security policies following a mitigated cyber threat.

Contact your dedicated Account Manager:

Warren Frebel
VP of Business Development

Learn More About ManagedMethods

Automating Cybersecurity & Safety: Top Use Cases for Cloud Monitor & Content Filter

Attention, multitasking tech superheroes of K-12 school districts! Get ready to transform your cybersecurity and safety strategies with cutting-edge automation tools tailored specifically for you.

As a K-12 technology pro, you have more tasks on your list than time in your day. You’re jam-packed with service requests and putting out all kinds of fires. You simply don’t have time to pour over audit logs to try to find security risks in your systems regularly.

You’re invited to join our free, live webinar where you will learn how you can improve cybersecurity and safety in your district through automation with ManagedMethods.

ManagedMethods is the only solution built specifically for K-12 providing cybersecurity and safety monitoring and automation for Google Workspace, Microsoft 365, and online browsing.

During this session, you will hear from your fellow K-12 techs on how they are saving a ton of time and effort by partnering with ManagedMethods. You will also see a live demonstration of ManagedMethods’ Cloud Monitor and Content Filter platforms, and learn common use cases for key features.

You will hear real-world stories and experiences from Michael D. Tapia, Chief Technology Officer at Clint Independent School District, Lisa Chesney, Technology Specialist, Union County Public Schools, and Kobe Brummitt, Cyber Security Technician at Hawkins School District.  They are donating their time to share how you can improve your cybersecurity and safety processes through better visibility, control, and automation with ManagedMethods.

Register today to learn how automation can effectively address the unique cybersecurity and safety challenges your team is facing.

During this session, you will learn:

  • Learn why automating cybersecurity and safety is important
  • Hear real-world stories showcasing successful cybersecurity and safety automation and response
  • See key features and benefits of ManagedMethods’ Cloud Monitor and Content Filter platforms
  • Feel compelled to get a free Google Workspace/Microsoft 365 security & safety audit with ManagedMethods

Register now to take part in the conversation!

Contact your dedicated Account Manager:

Warren Frebel
VP of Business Development

Learn More About ManagedMethods

How-to Action Plans to Navigate Developing K-12 Education Trends

by: Brian Thomas, President and CEO of Lightspeed Systems

Educators are quite familiar with overcoming challenges, as the last four years have presented more disruption to school districts than at any time in recent history. Despite the unparalleled levels of disruption, several developing K-12 education trends have emerged.

This post highlights four prevailing education trends and provides an overview of how-to action plans to get your district proactively addressing its highest-priority challenges.

Cyberattacks on K-12 Schools Continue to Rise

Cybersecurity attacks present a costly threat to school districts across the United States. According to Comparitech, a cybersecurity and online privacy product review website, global ransomware attacks against K-12 and higher education institutions—breaching over 6.7 million personal records—cost over $53 billion in downtime between 2018 and mid-September 2023.

Cyberattacks on K-12 school districts are rising as cybercriminals identify districts as lucrative targets. Student information systems (SIS) store personally identifiable information (PII) of both students and staff, and many districts simply lack the resources to layer essential cybersecurity measures. The result is district data remains increasingly vulnerable to cyberattacks.

The Lightspeed Systems 2022 EdTech App Report showed most districts have more than 2,000 apps in use across their student population, but that only 300 apps account for 99 percent of student use. Regardless of usage rates, district IT leaders are responsible for safeguarding students’ personally identifiable information (PII) on all apps in the district, including the remaining 1,700 infrequently used apps. Unsecure websites and “rogue” apps, those used by staff and students but not vetted by IT, easily slip through the cracks, creating openings for cybercriminals to enter.

Recovering systems after an attack is both costly and time-consuming. In addition to often paying hundreds of thousands of dollars in ransom, district networks are down an average of four days, and require30 days to fully recover.

Action Plan:

  1. Audit all applications in use across your school district, their privacy policies, and data security practices. Third-party analysis of privacy policies provides a reliable source of expertise. These steps can be completed manually or accelerated with digital intelligence software.
  2. Block students and staff from accessing new and unknown websites. Millions of new sites come online each day and the vast majority aren’t educational. These sites can be malicious and until they are categorized by your web content filter, the safest option is simply to prohibit access. If you’re using a web filter with an AI-driven dynamic database, educational or appropriate sites won’t remain uncategorized for more than a couple of hours.
  3. Inform all stakeholders about the importance of cybersecurity and data privacy to empower them with the knowledge to protect their privacy and the community. Mitigate risk by teaching staff and students about phishing emails and rouge apps to help prevent them from unintentionally opening malware that will leave them and your district vulnerable.


Contact your dedicated Account Manager:

Lightspeed Systems
Mike Durando
Vice President of Sales

Learn More About Lightspeed Systems

On Demand Webinar: K-12 Cybersecurity & Safety Incident Response Best Practices For 2024

K-12 Technology Leaders Share Advice To Help You Improve Your District’s Early Detection & Response Process

“It’s not if, it’s when…” 

We’ve heard the saying so many times that it’s almost become cliché. But the reality is that even if you had unlimited time and budget (which you don’t), there is no way your district would be 100% protected from a cyber incident.

That fact is why incident response is critical to protecting your district’s students, faculty, staff, and finances.

Join ManagedMethods for our first K-12 Cybersecurity & Safety Leadership Series webinar of 2024! You’ll learn from a panel of your peers, who are donating their time to share their experiences and expertise with you.

During this session, we’ll discuss how K-12 technology teams have become a focal point for cybersecurity and student safety incident detection and response. Learn how other K-12 technology teams are managing the incredible responsibility—and workload—that has come with our increasingly digital learning landscape.

You’ll learn about the processes, tools, and resources they use to develop and continually improve upon their incident response processes. They will share their advice and real-world examples of how early detection and response have helped protect their districts’ data and, in some cases, students’ lives.

During this session, you will learn:

  • Why early detection and response is critical for cybersecurity & safety incidents in K-12 school districts
  • How responding to cybersecurity and safety incidents are different, and how they are similar
  • How to get started with your own incident response process—or how to improve one you may currently have
  • How to take the next step by auditing your district’s Google Workspace and/or Microsoft 365 domains to see where critical risks exist

Contact your dedicated Account Manager:

David Waugh
Sales and Marketing Vice President

Learn More About ManagedMethods

SecurED Schools: K-12 Data Privacy & Cybersecurity Conference

A two-day professional development event focused on data privacy and cybersecurity

SecurED Schools is an annual conference hosted by the Learning Technology Center that focuses on cybersecurity and data privacy best practices, strategies, and tools. Over two days, attendees participate in hands-on demonstrations, panel discussions, and presentations led by local, state, and national experts.

The goal of SecurED Schools is to improve the security posture of school districts. We know that the global pandemic fueled digital transformation and technology adoption in school districts across our country. With increased reliance on technology to empower learning comes increased risk, and PK-12 technology and education leaders increasingly understand the vulnerability of their networks and data.


  • Technology leaders (CTOs, technology directors, IT managers)
  • IT staff (network engineers, IT support staff)
  • District/building administrators
  • Anyone responsible for collecting, maintaining, reporting, certifying, and/or protecting and securing student data in an educational environment

Where and When

Dates: January 16 & 17, 2024
Location: Virtual
Cost: $50
PD Hours: 11

Looking for the schedule or have additional questions?

Check out the 2024 Schedule online or contact Jared Lynn ( with questions.

Optimizing Cyber Insurance: The Importance of Building Strong Defenses

The cyber insurance landscape is evolving rapidly, driven by a surge in claims, particularly within the education sector. Active adversaries specializing in ransomware attacks are increasingly targeting educational institutions. In fact, in the U.S., 56% of K-12 and 68% of Higher Ed experienced significant impacts from ransomware in the last year.

Even though most institutions already have some cyber insurance, they’re discovering that the cybersecurity standards for qualification have risen. Policies are also getting more complicated, and premiums are on the rise.

Join us in this upcoming webinar as we address:

  • Recent changes, priorities, and focus areas in the cyber insurance industry
  • Best practices to help minimize cyber risk and lower costs
  • Suggestions for optimizing cybersecurity investments

Contact your dedicated Account Manager:

Kyle Thomas
SM SLED Manager

Learn More About SHI

Cybersecurity Best Practices and Funding Strategies for K12 Schools

Join Bluum for an engaging webinar that delves into implementing cybersecurity best practices in K12 schools. This webinar aims to equip educators, administrators, and IT professionals with comprehensive insights into services and products available to you through Bluum and how to fund them. From strategic planning to implementing effective protocols, our panel of experts will discuss practical approaches to strengthen digital infrastructure against cyber threats.


Contact your dedicated Account Manager:

Joel Anderson
Sales Director- Central Territory

Learn More About Bluum

Browse the Catalog

How To Recover From A Cyber Attack: 8 Tips For K-12

Worried about what might happen if your school district suffers a data breach?

You’re not alone. Schools across the United States are bracing for impact, awaiting the day a malicious incident puts their cybersecurity strategy to the test. And, as cybercrime rises worldwide, it’s only a matter of time before it does. In the spirit of planning ahead, let’s discuss how to recover from a cyber attack so that you can better protect your students from a future security breach.

Contact your dedicated Account Manager:

David Waugh
Sales and Marketing Vice President

Learn More About ManagedMethods


Join us for a ClassLink #CyberSession on November 29, 2023! You’ll learn about a no-cost tool to improve cybersecurity in this concise, 2-hour event.

You’re doing everything you can to improve cybersecurity in your schools, but how do you know if it’s enough?

Join ClassLink leaders and cybersecurity experts at the ClassLink CyberSession, where they’ll introduce you to the Cybersecurity Rubric (CR). The CR is a free tool school leaders can use to self-assess their cybersecurity practices and make significant improvements.

Along with an introduction to the CR, you’ll learn how the White House’s Secure by Design pledge will reduce the security burden on schools. Plus, uncover strategies for using new ClassLink features to make your schools more cyber-secure.

Made for busy leaders, this session is short and filled with actionable insights. Register now to find your path to stronger cybersecurity.

(This session will benefit all school leaders and is not restricted to ClassLink schools.)

What to expect:

✔️ Gain Access to the Cybersecurity Rubric
✔️ Understand how the #SecurebyDesign pledge reduces the burden on schools
✔️ Discover new cybersecurity features in ClassLink


Contact your dedicated Account Manager:

Lyle Dadian
Director of Instructional Technology
M: 414-588-9181
O: 862-203-2099

Learn More About ClassLink