Many Kansas school districts aren’t taking basic steps to protect their computer systems and the privacy of sensitive information collected about students, according to a legislative audit release Tuesday.
The report from the Legislature’s auditing agency based its conclusions on a survey sent to the state’s 286 local school districts, with 147, or 51% responding.
The audit said that more than a quarter of the school districts surveyed didn’t have antivirus software on all computers, with figure rising to about a third for districts with 500 or fewer students.
Only 34% of districts said they scanned computers for vulnerabilities at least once a month, while 35% said they never did it, the auditors said.
More than half of the school districts surveyed or 56% said the competitive salaries required to attract information technology workers represented a significant barrier to having enough IT staff.
The auditors recommended that lawmakers consider directing the State Department of Education to develop minimum cybersecurity standards for school districts.
The department’s top administrator, Education Commissioner Randy Watson, said in a written response that setting such standards would require the agency to increase its IT staff to help districts and to audit them.
Related: Microsoft Sees Spike in BEC Attacks Targeting Schools
Related: Officials Say School District Near Albany Hit by Cyberattack
Related: Large Florida School District Hit by Ransomware Attack

More from Associated Press
- UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies
- MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks
- California Law Restricting Companies’ Use of Information From Kids Online Is Halted by Federal Judge
- Two Vegas Casinos Fell Victim to Cyberattacks, Shattering the Image of Impenetrable Casino Security
- TikTok Is Hit With $368 Million Fine Under Europe’s Strict Data Privacy Rules
- Imagine Making Shadowy Data Brokers Erase Your Personal Info. Californians May Soon Live the Dream
- California Settles With Google Over Location Privacy Practices for $93 Million
- A Second Major British Police Force Suffers a Cyberattack in Less Than a Month
Latest News
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
- Every Network Is Now an OT Network. Can Your Security Keep Up?
