In our opinion, the report’s authors are diplomatic in their summary: “The K-12 community displayed an overall average maturity score of 3.55 on the 2021 NCSR’s 1 through 7 maturity scale. Results from the Nationwide Cybersecurity Review (NCSR) risk-based assessment have shown the K-12 sector is improving in its cybersecurity capabilities over time, though the sector lags behind other sectors when comparing cybersecurity program maturity.”
- 83%* had cyber insurance to mitigate their cyber risk
- 81%* had not fully implemented multi-factor authentication (MFA) [Cyber Insurance News: How did all these schools get cyber insurance when they don’t have full MFA?)
- 29%* had not implemented MFA on any systems
- 37% of K-12 members did not have an incident response plan
- 29% of K-12 member organizations reported that they were victims of a cyber incident
Source: New MS-ISAC Report Details Cybersecurity Challenges of K-12 Schools