With data from the K-12 Cyber Incident Map on roughly 200 incidents experienced by K-12 schools and districts since the start of 2016, it is increasingly evident that schools and districts can be categorized in one of three ways with respect to their cyber security experiences:

  1. Schools and/or districts may have not knowingly experienced a recent cyber incident (or have managed to avoid public disclosure of any incident(s) since the start of 2016). Schools that rely on technology less than others are more likely to be in this category, as are schools with strong cybersecurity programs.
  2. Schools and/or districts may have found themselves reported on the K-12 Cyber Incident Map, having experienced a recent cyber incident (and have hopefully since shored up policies and practices to reduce the odds of future issues). Given that many experts believe cybersecurity incidents are inevitable, over time more schools and districts are likely to find themselves in this category…or the next.
  3. Schools and/or districts may have experienced more than one recent cyber incident. This may be due to an increased reliance on technology for teaching, learning and school operations as compared to other districts and hence a greater exposure to cyber risks. It could be due to bad luck. Or, it could be a sign of a lack of expertise, resources, and/or attention to cyber security issues.

One trend that has emerged in compiling data for the K-12 Cyber Incident Map is the number of schools and/or districts falling in the third category – repeat incidents – is increasing.

To aid policymakers, researchers, administrators, and others in understanding this trend, I have decided to compile and report more detailed information about schools and districts falling in this category. As of today (August 18, 2017), I have identified 8 school districts across 6 different states that have been affected by more than one cyber incident since the start of 2016. Not every incident is equivalent and some involve actions by a school vendor. Nonetheless, the policies and practices of school districts impacted by repeated cyber incidents are worthy of closer scrutiny.

The most up-to-date list of schools and districts affected by repeat cyber incidents can be found here.