Cybersecurity, Data Privacy: Keeping District Tech Chiefs Up at Night

Senior Writer


Chief technology officers face daunting concerns in their daily jobs: cybersecurity threats, risks to student data privacy, and concerns about screen time among them.

A panel of  district CTOs at this year’s International Society for Education in Technology conference said vendors can play an important role in helping them with the biggest challenges they face, particularly around data privacy. 

Many districts are adopting strict policies for vendors to protect student data, and it’s helpful when companies are aware of and attentive to these concerns ahead of time, said panelist Cory Klinge, the technology director for the Richfield, Minn., public schools. Districts, he said, are collaborating and sharing language around data-privacy policies with each other, “so they can put it in front of vendors and say you have to comply with that before we onboard your tool.”

In addition, the district tech chiefs on the panel said cybersecurity is a huge concern, and that they need companies to help them train educators on best practices, such as avoiding phishing and malware, and basic privacy measures such as not putting passwords on sticky notes taped to their computers.

“It’s a challenge for CTOs to make teachers understand this information,” said Gerald Crisci, the director of technology for the Scarsdale Public Schools in New York.

Crisci noted that he’s had educators say they weren’t sharing any private student data with an app, for example, then say they were “just entering student names, ages and emails, ” he said.

“They don’t understand what private means.”

Crisci and other CTOs on the panel say they’ve done extensive training of their staff this year on cybersecurity steps. Several said they used lengthy campaigns that involved face-to-face training, online training and even the use of products like  KnowBe4, which promotes security awareness, to help continue that education.

Getting a Seat at the Table

Media hype over concerns regarding screen time for students is also on Scrisci’s radar screen. He has to reassure parents that not all screen time is the same: screen time at school using digital tools is much different than kids spending hours using social media and gaming, he said.

The district tech officials also say they’ve struggled with not always being at the educational leadership table for discussions or not having enough access to top district decisionmakers.

“In the past I’ve had to ask for or lobby for an audience with the [district’s] cabinet,” Klinge said. But after pushing for change, he now has regular meetings with his district’s leadership-level administrators.

It’s critical for CTOs and tech leaders to have a seat at the decisionmaking table, said Arline Pique, the director of technology for the Hamilton County Educational Service Center, which works with more than 50 districts in the Cincinnati, Ohio area. Even when top district leaders are not talking directly about tech, she said, “there’s probably a tech component.”

Pique spoke with EdWeek Market Brief after the panel to discuss the role that K-12 companies can play in helping CTOs overcome their biggest challenges.

What are some of things you’re looking for in vendor that you recommend to the districts you work with?

One of the first things is compliance with [federal data privacy laws] like FERPA and COPPA. That’s a big deal. Teachers are still not aware or thinking about it, especially when it’s something free. As an ESC, we don’t want to recommend something to districts unless it’s compliant.

It’s also important that they’re priced well and can’t be out of the ballpark for districts. If we can mitigate some of that pricing to bring it down as a consortium, that’s even better, so that small district doesn’t feel like there’s no way we can afford it.

If a company wants to get on your recommended list what should they do?

They should contact us and tell us what makes them a viable product and what makes them stand out from other vendors. I’m happy to view a demo if it’s a niche need that’s going to make teachers’ lives easier and it’s going to engage students and let teachers personalize.

How closely are you looking at the usage data of products in the districts you work with?

If a district makes an investment, we want a way to track to make sure a product is being used. When I worked in a district it would make me crazy—teachers would ask me to spend money and then I’d find out they really weren’t using it.

From an IT department perspective, then you start being the “no” person because the product is not being used and you want to spend that money on something else.

There was a lot of discussion on the panel about cybersecurity. How are you approaching this in your work with your districts?

It’s scary. The zero-day virus has hit Ohio and it’s a virus that has never been experienced before. The FBI, any other place that would be able to help you with this, they don’t have a clue. This thing is propagating and you have no idea how to stop it and there are no resources out there to help you. That is frightening.

It’s so easy to happen. You’ve got a teacher or an administrator trying to go through hundreds of emails and they can so easily click on something. A lot of districts use KnowBe4, which lets you send out an artificial phishing campaign. It looks real, but there are clues you can use as training opportunities. We’re trying to help educators to become safer. Anything that helps with that would be welcome.

Follow EdWeek Market Brief on Twitter @EdMarketBrief or connect with us on LinkedIn.


44 thoughts on “Cybersecurity, Data Privacy: Keeping District Tech Chiefs Up at Night

  1. I always receive the best information from your site. So, I feel that your site is the best. I am waiting for new information from you. Thanks for your great site.I thought of sharing the updated list of website here that should help you further and are not limited.

  2. I also think it’s time to start talking about what most of the big firms do with our data. Data is being sold on a daily basis and no one is held responsible. The internet’s privacy was is a very long ride that might never be won.

  3. I also think about the fact that data privacy must be taken more seriously, and there should definitely be some kind of law to avoid the leakage of data by big firms such as Facebook…

Leave a Reply to gbwa Cancel reply

Your email address will not be published. Required fields are marked *