Ransomware and AI Threats: Schools Struggle with Cybersecurity Readiness

Insights from Action1's Cybersecurity in Education Report 2025-2026

In a landscape increasingly riddled with digital threats, Action1's recent report highlights how many educational institutions are still not adequately prepared to face ransomware and AI-driven cyberattacks. The findings from this year’s Cybersecurity in Education Report underscore a disconcerting reality: even with rising budgets, structural hurdles like staffing shortages and aging infrastructure are creating gaps in real security.

Overview of the Study

Action1 surveyed over 350 IT leaders within schools worldwide, delving deep into their experiences and perceptions regarding cyber threats. This extensive research serves as a benchmark for cybersecurity maturity within K-12 and higher education settings, revealing alarming trends over the past few years.

A Clearer Picture of Cybersecurity Maturity

Among the key takeaways, the report indicates a notable shift in how IT leaders perceive their cybersecurity readiness. Only two-thirds of them now consider their cybersecurity maturity to be at a moderate level. High confidence in their systems has dwindled, plummeting from 30% to just 18%. This reflects a growing acknowledgment of the complex and evolving nature of cyber threats that schools face today.

The Prevalence of Cyber Incidents

Over the past year, an astonishing 89% of participating schools reported experiencing at least one cyber incident. The most common threats identified were phishing attempts, unauthorized access, and various forms of malware, leading to repercussions such as data breaches, interruptions in learning, and damage to the institution’s reputation or finances.

Budget Increases vs. Staffing Limitations

Despite many schools reporting stable or even increasing budgets for cybersecurity, nearly 40% of them still feel underprepared to combat ransomware attacks. Alarmingly, 74% of the institutions do not have a dedicated cybersecurity specialist on staff, indicating a significant gap in expert human resources to adequately defend against these threats.

Structural Barriers to Effective Protection

The report's findings reveal that structural issues are a primary reason for the lack of robust cybersecurity defenses among education systems. Constraints such as budget limitations, outdated technology, inadequate staffing, and low levels of user awareness continue to hinder progress, leaving schools vulnerable to the sophisticated tactics employed by modern cybercriminals.

Mixed Results in Cyber Practices

While there has been progress, with more schools engaging in regular vulnerability assessments, the report reveals that not all institutions are taking adequate proactive measures. For instance, nearly one-third of surveyed schools conduct phishing simulations only once a year or do not conduct them at all, further illustrating the inconsistency in their cybersecurity practices.

Ransomware and AI Threats: A Growing Concern

Ransomware remains a significant concern for most school IT leaders, with half of them viewing it as a serious threat to maintaining learning continuity. Furthermore, the report highlights that AI-driven phishing attacks are expected to be the most pressing danger in the upcoming year, with a staggering 92% of respondents anticipating such threats to surpass even ransomware in terms of risk.

Conclusion

The Action1 Cybersecurity in Education Report for 2025-2026 paints a mixed picture. While there is evident progress in the understanding and awareness of cybersecurity issues, structural limitations are preventing schools from executing a comprehensive security strategy. By addressing these gaps—particularly in staffing, training, and resource allocation—educational institutions can move toward a more secure future amidst an increasingly hazardous digital landscape. For more extensive insights, visit Action1’s website to access the full report.