Report finds most schools are underprepared for ransomware and AI-powered cyberattacks

A new report from endpoint platform Action1 has found that more schools worldwide are not prepared for ransomware or AI-powered cyberattacks, despite increased cyber budgets.

While more IT leaders in schools have a realistic view of their cybersecurity readiness, ongoing staff shortages, and structural barriers, leave many learning institutions vulnerable to increasingly sophisticated attacks, particularly those led by AI and ransomware.

Action1 surveyed more than 350 school IT leaders and administrators working in higher education and K-12 schools across the world. 

Most of those surveyed (89 percent) reported at least one incident in the past year, with most attacks in the form of phishing, unauthorized access, and malware. Common impacts included data breaches, learning disruption and financial or reputational damage.

While more schools reported increased spending on cybersecurity, nearly 40 percent said they still feel underprepared for an attack and 74 percent say they do not have a dedicated cybersecurity specialist. 

Strikingly, 92 percent of those surveyed said AI-phishing is likely to be the most dangerous threat to them in the coming year.

"Education systems remain a top target for cyber criminals, and while school leaders are becoming more clear-eyed about the risks, many are still stretched thin," comments Mike Walters, President and Co-founder at Action1. 

"This year's report shows real progress in how schools approach cybersecurity, but persistent structural limitations, including staffing shortages and outdated infrastructure, continue to leave learning environments vulnerable."