Cybersecurity Return on Investment: What K–12 Districts Should Measure
Cybersecurity Return on Investment: What K–12 Districts Should Measure
Publish Date: 2026-02-24 16:14:00
Source Domain: edtechmagazine.com
Using an unordered list, summarize the following article with between 4 and 8 key points. Multifactor Authentication and Phishing Metrics Show Success
Vermont is using specific operational metrics to measure whether cybersecurity investments are reducing risk across its K–12 school districts, says Lisa Helme, education programs division director at the Vermont Agency of Education (AOE).
The state focuses on indicators that reflect real improvements in security posture, particularly staff training, multifactor authentication adoption and incident readiness. Adoption of MFA has been one of the clearest measures of progress.
“In 2021, 35% of our school districts had MFA in place, compared with 79% today,” Helme says. The increase significantly reduces the risk of compromised accounts, one of the most common entry points for attackers.
The state also tracks whether districts have formal breach response plans, which define how to identify assets, evaluate exposure and respond to incidents. “In 2022 only 26% of our districts had any kind of a breach plan in place,” she says. “Today we’re at 58%.”
DISCOVER: See how K–12 districts can collaborate for greater cyber resilience.
Phishing simulations provide another key metric. Vermont deployed a statewide security awareness platform that allows districts to test and improve staff behavior. After running 214 awareness education campaigns and conducting 300 phishing simulations, the results show measurable improvement.
“When they first started, they had an open rate for these phishing emails of just over 32%, and that’s now dropped to 18%,” Helme says. “But that’s still too high.”
More encouraging, perhaps: The 44% open rate in another case has now dropped to 2%.
Firewalls and Artificial Intelligence–Driven Automation
Steele suggests districts focus on operational improvements such as streamlining security policies, optimizing firewall rules and leveraging AI-driven automation to dramatically enhance security posture.
Simplifying and consolidating toolsets reduces complexity and alert fatigue, allowing security teams to focus on real threats.
Steele also recommends investing in continuous monitoring and proactive policy management for stronger, measurable improvements in real-world security outcomes.
“Rather than simply acquiring more tools, these practical changes can increase protection and operational efficiency,” she says.
SUBSCRIBE: Sign up to get the latest EdTech content delivered to your inbox weekly.
