Over the past several years, schools have become increasingly targeted by cyber criminals. Schools are seen as prime targets for several reasons. They are a hotbed of personal and private information about students, teachers, staff, and administrators. With limited resources this data is often co-mingled and mismanaged. Recent changes in educational platforms including remote learning and work from home environments has created a much larger attack vector for schools. With so many different learning tools, both hardware and software, attached to the network, it is difficult to keep up with software and firmware patches. Finally, operational technology has transitioned from analog or air-gapped solutions to more efficient network-based environments, drastically increasing the number of end-points on the school’s network. All of these reasons make for a challenging security environment. This session will discuss the current threat landscape, high-level data privacy responsibilities, key elements of a successful cybersecurity program, and where your district can start.