Cybersecurity threats are not theoretical for schools — they’re real, costly and increasingly common. In a recent NBOA webinar, Lloyd Brown, a risk consultant with USI Insurance Services, outlined six top risks that school leaders should address and shared practical strategies for reducing exposure. NBOA members can view the full webinar through the NBOA Library. The NBOA fall webinar series also just launched, with many more to attend this season.
1. Phishing
Phishing scams often arrive as emails that look legitimate but contain subtle red flags: generic greetings, poor grammar, urgent language, and suspicious attachments. These days phishing can be far more targeted and sophisticated than it once was, and in these cases it is termed “spear phishing.”
A K-12 school in Washington recently lost $346,00 after a hacker impersonated a contractor and sent a fake invoice. Insurance may cover phishing losses, but coverage is limited and conditional, so qualifying for reimbursement isn’t guaranteed.
To prevent phishing attacks:
- Require voice confirmation for large payments.
- Require multiple sign-offs for financial transactions.
- Implement two-factor authentication and regular staff training.
2. Ransomware
Ransomware attacks in education have surged by 69%. Last year, 63% of K–12 institutions reported being hit. Hackers typically demand payment in exchange for a decryption key. However, even when schools pay, they may not recover all their data.
Last November, USI helped a university respond to a $2 million ransomware demand that occurred over the Thanksgiving holiday. The institution wasn’t sufficiently backing up its data, which restricted its ability to restore the data without the decryption key, and it ended up paying $1.2 million to restore operations. Insurance covered part of the cost, but the forensic investigation alone was $64,000.
To prevent ransomware attacks:
- Maintain robust, frequent backups.
- Have a response plan that includes legal counsel and forensic support.
- Understand your insurance limits.
3. Supply Chain Risk
In 2024, 97% of schools were affected by supply chain breaches. Last December, PowerSchool, a major SIS provider for public schools, was hacked via a stolen admin password, exposing 62 million student records. The breach went unnoticed until the hacker contacted the school directly.
To protect your school:
- Review third-party contracts for liability clauses.
- Use vendor risk compliance templates.
- Know your state’s breach notification laws, as some states require vendors to offer credit monitoring and notify affected parties.
4. DDoS Attacks
A DDoS attack (Distributed Denial of Service attack) floods the network with traffic and requests from multiple sources, often with the use of botnets (networks of malware-infected computers). The combination of an easy-to-access school network and outdated assets makes schools a prime target. Additionally, DDoS attacks can be launched with minimal technical skill. Recently, a high school student shut down internet access and medical records for 145 schools during standardized testing, using only a cell phone and a YouTube tutorial.
To protect against DDoS attacks:
- Use network monitoring tools.
- Establish incident response protocols.
5. Poor Password Management
Recent statistics show that billions of compromised passwords are in circulation on the dark web, and human error remains the largest source of risk in online security. Many of these errors are related to poor password “hygiene,” such as creating easy-to-guess credentials or reusing them across multiple sites. Take the following steps:
- Use 12-character complex passwords.
- Enforce regular password updates.
- Implement multi-factor authentication.
6. Insufficient Budgets and Training
Budgets vary widely from school to school. If your IT teams aren't getting the updated software they need, the school may be putting itself at higher risk. Questions to ask include:
- Where's our money going and how can we be more impactful?
- How can we be more judicious with the money that we have and make better decisions that are going to protect us?
User training is also important. Some schools lag in their training policies, leaving employees uninformed about potential risks. To enhance training:
- Conduct annual training at minimum—quarterly is ideal.
- Rotate training topics to keep staff engaged.
NBOA members can view the full webinar through the NBOA Library and find copious resources on cyber security in the Related Content box below. And don't miss the remainder of the 2025 NBOA fall webinar series.
