Strengthening K-12 Cybersecurity: PowerSchool’s Collaboration with School and Industry Leaders

Following a 2024 cybersecurity incident, PowerSchool has continued to strengthen our collaboration with schools, districts, and expert organizations to improve K-12 cybersecurity. This blog discusses insights from our collaboration at the recent National K-12 Cybersecurity Leadership Conference and the CoSN National Conference, as well as our ongoing commitment to cybersecurity. 

K-12 cybersecurity in schools is more critical than ever. Schools increasingly rely on digital tools and cloud-based platforms to manage student records, classroom engagement, and communication. However, this digital shift has made schools a growing target for cyber threats, putting student data security at risk. 

The K-12 education sector is a high-threat environment with bad actors purposely targeting edtech companies, schools, and districts to obtain sensitive information. With the increasing adoption of AI-driven learning tools, cloud-based platforms, and data analytics, the risk of cybersecurity incidents can’t be ignored. Beyond compliance with FERPA, COPPA, and state-specific regulations, districts must assess vendors’ encryption standards, AI transparency, third-party risk management, and overall security posture to protect student privacy and institutional integrity.  

As a leading global provider of K-12 education technology, PowerSchool takes our responsibility to protect student, family, and educator data and privacy extremely seriously. We’re committed to strengthening K-12 cybersecurity, collaborating with industry leaders, and continuously improving our security infrastructure to safeguard student data.  

Bringing Industry Leaders Together: National K-12 Cybersecurity Leadership Conference 

I recently had the pleasure of participating in the 2025 National K-12 Cybersecurity Leadership Conference in San Diego, California. Hosted by K12 Security Information eXchange (K12 SIX) in partnership with California IT in Education (CITE) and the San Diego County Office of Education, this event brought together cybersecurity experts, school district leaders, and technology providers to address growing cyber threats. 

At the conference, PowerSchool reaffirmed our commitment to fostering transparency, accountability, and proactive cybersecurity initiatives. Key takeaways from the conference include: 

• Collaboration with K-12 CISOs and CIOs: PowerSchool, along with our partners, works closely with Chief Information Security Officers and Chief Information Officers across districts to establish and implement cybersecurity best practices. 
• Strengthening Vendor Security: Schools and vendors are hardening their systems, reviewing security protocols, and enhancing incident response plans. 
• Re-evaluating Data Retention Policies: Policymakers and district leaders are revisiting historical data retention practices to minimize potential security risks. 
• State-Led Guidance on Cybersecurity: State education agencies are stepping in to provide structured guidance on cybersecurity and data protection for K-12 institutions. 

Security Insights from CoSN 2025: AI, Cybersecurity, and Leadership 

Our PowerSchool team also participated in the CoSN 2025 National Conference, where the intersection of artificial intelligence (AI) and cybersecurity was a dominant theme. We met with many attendees who expressed urgency and concern over cybersecurity issues, with an understanding that bad actors have more money, resources, and tools than ever before. At the same time, districts struggle with limited budgets and staff to combat attacks, making automation critical.  

Discussions at the conference focused on: 

The Role of AI in Cybersecurity:  

How to leverage technology, including AI and scalable security solutions, as tools for threat detection, automation, and security awareness training. Generative AI is also being leveraged for advanced social engineering attacks.  

Data Privacy in the Digital Age:  

The importance of protecting student data as schools increase their reliance on technology. 

Leadership in Cybersecurity:  

The evolving role of school district leaders in prioritizing cybersecurity and ensuring staff training. 

Urgency vs. Confidence:  

While there is a strong sense of urgency in addressing cyber threats, many tech leaders expressed growing confidence in implementing proactive measures. 

Education and Awareness: 

We need to move beyond traditional training methods to engage users effectively. Cybersecurity and ensuring data privacy should involve all stakeholders, not just IT professionals. 

Engaging Cybersecurity Awareness Through Storytelling:  

Traditional awareness training is often ineffective—storytelling, behavioral insights, and marketing techniques can make security education more relatable and impactful. 

PowerSchool’s Continued Commitment to Cybersecurity 

At PowerSchool, we’re dedicated to protecting student and staff data—taking proactive steps to reinforce cybersecurity across the education sector. We also recognize and deeply appreciate the collaboration and support from leaders across K-12 to enhance these efforts. Our comprehensive IT security strategy includes investing in security technologies. We continuously evaluate and implement advanced security solutions to stay ahead of emerging threats. 

PowerSchool adheres to strict data privacy regulations, remaining committed to compliance with national and international data privacy laws. 

Our IT operations encompass engineering, research and development, customer support, enablement, and comprehensive cybersecurity training and awareness. We strictly adhere to all applicable state, provincial, and federal data privacy regulations, including family education rights and privacy and children’s online privacy protection rules. We design our products to be secure by design and consistently invest in all aspects of security technologies and practices, ensuring our solutions remain ahead of evolving threats. We audit annually to ISO 2701 and SOC Type 2—the gold standard data security certifications for business service providers. And finally, we believe collaboration is key to strengthening security across the education sector, working alongside industry leaders, organizations, and policymakers to advance cybersecurity for all.  

Preparing for the Future: Strengthening K-12 Cybersecurity 

The reality is that cyber threats will continue to evolve, and there will be more threats and attacks on K-12 organizations. It’s crucial to focus on proactive measures to reduce the impact of future events. PowerSchool is dedicated to staying ahead by focusing on: 

• AI Transparency and Security: Ensuring AI-driven educational tools operate securely and ethically. 
• Stronger Vendor Assessments: Collaborating with vendors to meet the highest security standards. 
• Improved Incident Response Planning: Developing and refining rapid-response strategies to minimize the impact of potential future breaches. 

For more details on PowerSchool’s approach to cybersecurity, visit PowerSchool’s resources on cybersecurity, data privacy, and infrastructure.  

A Safer Digital Future for K-12 Education  

Cybersecurity is an ongoing challenge that requires a unified effort from educators, experts, and technology providers. I, along with the entire PowerSchool team, remain steadfast in our mission to protect student data and support the K-12 community in navigating today’s digital landscape securely. 

By fostering partnerships, implementing best practices, and prioritizing security innovations, we are committed to ensuring a safer and more resilient digital future for schools across the U.S. and worldwide.