The use of artificial intelligence to bolster cybersecurity defenses is not new.
For at least a decade, much of the must-have cybersecurity tools available have been powered by machine learning, predictive analytics, and pattern recognition—subsets of the broader bucket of artificial intelligence, said Amy McLaughlin, the cybersecurity project director for the Consortium for School Networking, or CoSN.
What is new to the field is generative and agentic AI, McLaughlin said. Generative AI can create new content, including text, images, and videos, by using existing data and patterns it’s trained on. Agentic AI can operate autonomously to achieve different objectives, with minimal human supervision.
Experts are unsure of what role these emerging AI technologies will play in strengthening school districts’ cybersecurity.
“For cybersecurity, a lot of what is done in that space isn’t really something that aligns to generative [AI],” McLaughlin said. “You’re busy responding and identifying, as opposed to creating something new.”
But McLaughlin said she’s seeing a few school districts experiment with how they’re using these tools in their cybersecurity defenses, especially as cybersecurity continues to be a persistent concern for K-12 district technology leaders.
Cyberattacks are becoming tougher to tackle as districts rely more heavily on the use of digital technology for instruction and operations, while funding and staffing of school district technology departments have not kept up. Cybercriminals are also getting more sophisticated due to advances in technology, especially artificial intelligence.
More than half (51%) of educators said they expect the severity of cyberattacks against their districts or schools to increase in the next year as a result of artificial intelligence, according to a nationally representative EdWeek Research Center survey of 499 teachers, principals, and district leaders conducted in December and January.
How districts are using generative AI in cybersecurity
The information technology team for the Oak Park elementary school district in Illinois has been playing around with using generative AI tools for cybersecurity, but the results have been mixed.
William Brackett, the director of technology for the 5,500-student district, and his team have experimented with using the technology to ask for insights on data logs of helpdesk tickets, to figure out what’s missing from the district’s cybersecurity incident response plan, and to troubleshoot programming code.
Generative AI models are not perfect, though, Brackett said. In his experimentation, the tools have sometimes produced “red herrings” and unusable insights. The technology is also not good at doing an analysis of huge internet traffic data logs, because “it can get sidetracked pretty quickly,” he said. He achieved better results by isolating the data and asking the AI to focus on specific subsets.
Many of the cybersecurity tools the district has been using now also have generative AI features built in, Brackett said. Those are often more reliable than general generative AI models such as ChatGPT, Gemini, or Copilot because “they’re already trained on the data that’s coming in since the vendor already knows how their data formats in [it],” he said.
Brackett and his team are testing these added AI features and evaluating whether using them is more efficient than not.
The experimentation is “building our expertise internally,” Brackett said. “So when AI becomes a major feature of any new products to come, now we know what to ask, what to look for, how to examine, how to question, how to watch the demo.”
For Gary Lackey, the director of cybersecurity for the 24,000-student Goose Creek school district in Texas, the fact that AI has become a buzzword for ed-tech companies has made it difficult for him and his team to determine how to use the technology in their district’s cyber defense.
“A lot of companies are, overnight, switching their discussions from, ‘Hey, we use algorithms and machine learning,’ to all of a sudden, when AI became a buzzword, they’re like, ‘Oh, well, we use AI,’” Lackey said. “That’s a struggle for a lot of school districts—which [products] are actually using [AI] and which ones are just using it as a buzzword?”
Lackey and his team haven’t used generative AI for any internal cybersecurity actions. But Lackey said he has heard of some possible use cases that other district tech leaders have tried, such as allowing a generative AI tool to scan an environment to see if there’s anything exposed that shouldn’t be or asking it to generate tabletop exercises to help an IT team prep for a cyberattack scenario.
But Lackey and his team already “have some other tools that aren’t necessarily AI that are doing some of that,” he said.
It feels more time-consuming for a district IT team to use generative AI for certain cybersecurity tasks when there are already proven products that do the same thing, Lackey said.
What it would take for district IT teams to embrace AI
It’s unlikely that many district IT teams have the bandwidth and the expertise to create their own cyber defenses using generative AI, said McLaughlin, CoSN’s cybersecurity project director.
“It doesn’t mean it couldn’t be done,” she said. “I don’t know if it would be production ready. I think that’s the difference. You can do things in the classroom or in a lab environment. The question becomes, when do you put them into production, and are you going to rely on them for your defense?”
Many district IT teams—which are generally short-staffed and lack deep cybersecurity expertise—hope that generative AI and other emerging AI technologies will be able to help them defend their systems more quickly and effectively, said Doug Levin, the co-founder and national director of the K12 Security Information Exchange, or K12 SIX, a nonprofit focused on helping K-12 schools prevent cyberattacks.
“Largely, [AI’s] promise still remains in the future,” Levin said.
Relying on generative and other AI technologies would be expensive solutions at a time when the federal government under the Trump administration has reversed course on K-12 cybersecurity funding, many state and local governments are facing budget shortfalls, and many school districts don’t have the resources for basic cybersecurity defenses, Levin said.
With the federal government shifting its role in education, “it really is beholden on states to take the lead,” Levin said.
For district IT teams to fully embrace these tools in their cyber defense, they need support in ensuring AI-powered cybersecurity products are made with K-12 schools in mind; they need help vetting these tools; they need support in figuring out best practices for using AI in cyber defenses; and they need the whole district community to be AI literate, experts and district tech leaders said.
In the meantime, cybersecurity experts said, generative AI hasn’t changed the best practices for defending a school’s network, which include training students and staff, conducting risk assessments, and practicing incident response plans.
Still, district tech leaders see these emerging tools playing a part in cybersecurity moving forward.
“The genie is out of the bottle,” said Brackett. “We’re going to have to utilize some of those tools.”
Data analysis for this article was provided by the EdWeek Research Center. Learn more about the center’s work.
