The federal government plays a crucial role in sharing threat information, best practices, and other resources with school districts that are frequent targets of cyber criminals — many operating outside of the United States.
District technology directors, like Jun Kim of Moore public schools in Oklahoma, are bracing to see how cuts at the federal level will affect the services they have come to rely on to protect their districts' systems and students' data. Kim said his IT team does not have the capacity to stay ahead of every emerging cyber threat.
"Schools are rich targets," he said. "We need that support so when we do get attacked, [federal agencies] have resources and people who help you get back on your feet quicker."
Specifically, K-12 cybersecurity experts who spoke with Education Week are concerned that funding cuts and policy changes by the Trump administration will kneecap information sharing networks that schools rely on to stay one step ahead of cyber criminals and data leaks.
Education Week has confirmed that the U.S. Department of Education, at the behest of Homeland Security, has suspended, at least for the time being, its K-12 Cybersecurity Government Coordinating Council, which brought together representatives from federal agencies, state education departments, school districts, and education technology companies to provide guidance and coordinate responses to cyber threats and attacks. The move comes in response to an executive order signed in February dissolving an initiative that allowed these various groups to meet exempt from some public meeting laws to protect the sensitive information being shared.
And the future of another group, the Multi-State Information Sharing and Analysis Center, that serves as the central cybersecurity resource for state and local governments, is in limbo, as the nonprofit that helps runs it faces steep funding cuts from the U.S. Department of Homeland Security.
Kim, who was recognized in 2024 as an Education Week Leader To Learn From, said he relies on the training and threat levels distributed by MS-ISAC.
"Schools, we're kind of isolated," said Kim. "We need support and information and training from these large organizations to keep us engaged, to help us develop policies, to look at emerging threat factors, and to create some security strategies."
Staffing reductions at the U.S. Department of Education and the federal Cybersecurity and Infrastructure Security Agency could also hinder schools' abilities to respond to, and recover from, cyber attacks, say K-12 cybersecurity experts.
These cuts come at a time when schools need more, not less, support to meet the flood of cyber threats targeting them. This is one realm where states and schools simply cannot fill the role the federal government does, said Doug Levin, a school cybersecurity expert and the national director of the K12 Security Information Exchange.
"With respect to cybersecurity, the folks who are attacking schools are coming from overseas, so it is a classic federal defense of the homeland, and to devolve that to states or even local school districts is putting them at a grave disadvantage," he said.
Under the Biden administration, the federal efforts to support school cybersecurity were "just emerging," said Levin. "We were starting to build the infrastructure and capacity we needed."
With the Trump administration cuts, "it seems like we're taking a step backwards here," he said.
TRUMP ADMINISTRATION DEFENDS CUTS AND INSISTS SERVICES WILL NOT BE HARMED
In response to those concerns, a spokesperson for the Cybersecurity and Infrastructure Security Agency, which is part of the U.S. Department of Homeland Security, said the cuts to staffing and funding will not affect services or support for school districts.
"Under President [ Donald] Trump's leadership, we are making sweeping cuts and reform across the federal government to eliminate egregious waste and incompetence that has been happening for decades at the expense of the American taxpayer," a CISA spokesperson said in a statement to Education Week. Personnel cuts across DHS "will result in roughly $50 million in savings for American taxpayers and incalculable [value] toward accountability and cutting red tape."
The spokesperson said DHS is continuing to identify other wasteful positions and offices that do not fulfill its mission. (The Education Department did not immediately respond to requests for comment.)
Regardless of that mission, the reality is that schools have become a leading target for cyber criminals, especially as they increasingly rely on technology in their day-to-day operations. A majority of schools — 82 percent — experienced a cyber incident between July 2023 and December 2024, according to a report from the Center for Internet Security and the Consortium for School Networking, both nonprofit groups, published in March 2025.
Cyber attacks are costly, both financially and academically. A 2022 U.S. Government Accountability Office report found that districts have lost between $50,000 and $1 million per cyber attack, and the loss of learning time after a cyber attack has ranged from three days to three weeks. Cybersecurity has been the top concern for district technology leaders for more than five years, according to CoSN.
Most of the support the federal government provides school districts does not come as direct funding, but rather in sharing expertise and intelligence.
One way the Education Department had facilitated this was through the K-12 cybersecurity government coordinating council created in 2024, which was supposed to host trainings, recommend policies, and communicate best practices around this major challenge.
However, a recent directive from the Department of Homeland Security suspended the work of all government coordinating councils, which has halted the work of the Education Department's coordinating council, according to an email obtained by Education Week.
Without the cybersecurity coordinating council, K-12 schools lose a valuable resource to respond to incidents, especially large-scale ones, said Michael Klein, the senior director for preparedness and response at the Institute for Security and Technology and a former senior adviser for cybersecurity for the Education Department during the Biden administration.
"If we don't have the ability to pull together those critical leaders from across superintendents, school boards, state agency leaders, as well as principals and IT directors, we won't be able to understand the needs in these states, and we won't be able to provide [schools] with up-to-the-moment, critical information when there is a nationwide incident like with the PowerSchool breach," he said.
PowerSchool, a software giant that runs the most commonly used student information system in U.S. schools, suffered a data breach in January that could have exposed the personal information of tens of millions of students and teachers.
FEDERAL CUTS RAISE CONCERNS ABOUT SCHOOLS' CYBERSECURITY READINESS
Another federal agency that supports school cybersecurity is CISA, which operates 10 regional field offices. CISA provides cybersecurity readiness checklists and templates for preparedness drills. In the event of a cyber attack, CISA often alerts schools that they have been compromised and can help connect schools with additional agencies and resources within the federal government.
In 2023, CISA published a report on the risks K-12 schools face, along with recommendations and resources to help schools build better cybersecurity programs.
Thousands of local education agencies, especially under-resourced ones, also rely on the Multi-State Information Sharing and Analysis Center for free services and products, such as cybersecurity monitoring, self-assessments, alerts, and webinars, said Terry Loftus, the MS-ISAC chair and the assistant superintendent and chief information officer for the San Diego County Office of Education.
MS-ISAC, which is fully federally funded and operated by the nonprofit Center for Internet Security in partnership with CISA, is part of the Trump administration's dramatic federal funding cuts, with about $10 million of its funding terminated, as first reported by freelance reporter Eric Geller and confirmed by Education Week. Its annual budget ranges between $27 million to $30 million, Loftus said.
Cuts to MS-ISAC services include the team that performs sector-specific cyber threat analyses, which provides alerts and informs members how to better protect themselves against attacks; and stakeholder engagements, such as webinars and trainings, Loftus said.
These cuts are "deeply concerning" to members, Loftus said. "There are many schools and districts that don't have any money to provide cybersecurity training to staff, and this is the way that they get that at no cost."
SCHOOL LEADERS WORRY ABOUT POSSIBLE CUTS TO FCC CYBERSECURITY PILOT PROGRAM
For now, the Center for Internet Security plans to use its own budget to keep those services running so members don't feel the impact of the federal cuts, but the nonprofit organization is exploring ways to fund MS-ISAC in the future, Loftus said. Charging membership fees is one possibility, he said.
In terms of direct funding for schools' cybersecurity, the federal government provides comparatively very little, said Noelle Ellerson Ng, the associate executive director for advocacy and governance at AASA, The School Superintendents Association.
For years, education organizations have advocated for additional federal resources to help schools boost their cybersecurity practices. The federal government, in recent years, had started to provide these resources.
Last year, the Federal Communications Commission launched a cybersecurity pilot program to provide up to $200 million in competitive grants over three years to help schools and libraries purchase cybersecurity equipment.
The pilot received more than 2,700 applications, representing $3.7 billion in requests. In January, 707 awardees were announced. This demonstrates the already vast and fast-growing need for more funding for cybersecurity among schools, said Ellerson Ng — something AASA advocates for.
"The No. 1 resource you need is mitigation, and mitigations cost money. The federal government had no dedicated funding to help school districts procure cybersecurity protections until the pilot," she said. "The money available through that first tranche of funding through the pilot is nowhere near what we're going to need as demonstrated by the demand alone. But in this moment, something is better than nothing."
But Ellerson Ng, along with other cybersecurity experts Education Week spoke with, is not optimistic the current administration will continue funding the pilot, let alone expand it.
"I don't think this is the administration that is going to lead the way to find funding to support cybersecurity," Ellerson Ng said. "I think they have demonstrated an interest in both reducing the size of the federal government in general, as well as cutting spending to education that is not [focused] on privatization," such as expanding school choice policies like vouchers and education savings accounts.
The FCC said in a statement to Education Week that the pilot is still ongoing, and there haven't been recent updates to the program. The FCC did not respond to a question about the program's future.
It's unclear how much of a priority K-12 cybersecurity will be to FCC Chair Brendan Carr. Carr had voted against the cybersecurity pilot program because he didn't think it was within the agency's authority, though he agreed it's important for schools to have resources they need to secure their networks.
Looking ahead, Kim, the technology director in Oklahoma, said he will watch to see if he continues to find up-to-date information and guidance from the federal government — services he fears will be affected by further staffing and funding cuts.
"If we use the same strategies to mitigate cyber attacks and phishing scams from five years ago, much less five months ago, we're toast," he said.
Districts, meanwhile, could potentially have to pay membership fees to organizations for the services they were once receiving for free from the Education Department's government coordinating council and the MS-ISAC, say the cybersecurity experts Education Week spoke with.
States and districts might be able cobble together their own information sharing networks and resources, but they'll likely be duplicating efforts, and it will take a lot of time and money to get those services operational, Klein said.
"It's a system that you don't notice until it's gone or it breaks," said Klein. "That's how critical infrastructure works: water comes out of the tap, electricity comes out of the socket, and schools run. If they fail, we won't have the proper mechanisms in place to respond — and that's the role of federal government."
©2025 Education Week (Bethesda, Md.). Distributed by Tribune Content Agency, LLC.
