K-12 district technology leaders know what they need to do to protect their network systems from cyberattacks. The challenge, they say, is getting the rest of the district community to follow cybersecurity policies and best practices.
Previous surveys have found that teachers are less aware of the threat of cyberattacks, but experts say that’s not a surprise given that teachers don’t have sophisticated cybersecurity knowledge.
While professional development can help teachers understand the importance of having good cybersecurity hygiene, it’s difficult to get teachers to do it when they have other priorities, district tech leaders say.
Rachelle Dené Poth, a Spanish and STEAM teacher at Riverview High School in Oakmont, Pa., was scheduled to present a session on what teachers need to know about cybersecurity at the ISTELive 25 + ASCD Annual Conference 25 in San Antonio June 29 to July 2.
Education Week interviewed Poth ahead of the conference to discuss why teachers should care and what district leaders need to do to make cybersecurity training relevant for teachers.
This interview has been edited for length and clarity.
Do you think teachers care about cybersecurity?
I definitely think that teachers care about cybersecurity, but I’m not sure how much of a priority it is when compared with other things that they are responsible for, such as student well-being, instructional strategies, etc.
If they’ve been personally affected in their school or maybe had some other issue with identity theft, for example, such as I experienced years ago, that definitely would lead to people caring more about it.
It could be considered a topic for teachers of computer science courses, or as something that the tech coaches, the IT department, or the administration might be more involved in.
Why should teachers care about cybersecurity?
We have to worry about protecting student privacy, keeping them safe in the online space and making sure that we’re providing opportunities for them to build skills in technology and digital citizenship, because they will be using technology in the future, so they need to understand how to keep themselves safe.
For the teacher side, we use and have access to so many different types of personally identifiable information about our students whether it’s grades, family information, academic interventions, medical information and so much more, plus we also need to make sure that we are in compliance with laws like FERPA and COPPA and others that are relevant in our work.
Having experienced it, ransomware can result in the loss of a significant amount of valuable information over time, disrupt the learning experience, and place a substantial burden on schools, as well. I don’t see [cybersecurity training] as something that is optional anymore. In all classrooms, we have to focus on digital citizenship, because students are using tools, especially now with so much AI. We need to make sure that they know how to keep themselves and others safe based on what they are using the technologies for, so it definitely starts with us.
What can districts do to make cybersecurity training relevant for teachers?
If there’s something that’s personal about it. You’re talking about your personal privacy, your identity. These are real things that are happening and that resonates more with teachers when you have a personal story or an experience.
People want their information to be kept private, and you don’t actually, technically, fully have control over that, but at the same time, you could have a part in helping people understand the importance of strong passwords and not using insecure WiFi.
Do you have examples of easy ways districts can help improve teachers’ cybersecurity practices?
There are online sites that have interactive activities—one’s a password game. It’s also so simple on different tools like Canva or whatever to make a one-pager [tip sheet], that’s like, “think before you click.” It could be displayed in the room and throughout the school so people can see it and know. Teachers in most schools also probably get a teacher handbook, but AI and cybersecurity need to be at the forefront [of the handbook].
