Audit: Inadequate IT Security at Kansas Schools Leaves Vital Information Exposed

TOPEKA — A legislative audit revealing many school districts are not practicing basic security measures for information technology systems raised eyebrows Tuesday from a panel of legislators.

According to the K-12 Cybersecurity Resource Center, security incidents at schools have increased by 18% since last year. The limited-scope audit focused on how schools were approaching IT security, which contains sensitive data including grades, medical records and financial information.

Members of the Legislative Post Audit Committee expressed disappointment upon hearing that most respondents to a survey of all Kansas school districts do not have adequate IT security measures.

“I can’t believe in this day and age that we’re this far behind. It’s gonna take two or three years just to get up to par,” said Sen. Rob Olson, an Olathe Republican. “I think the Legislature should pick this up and set some minimum standards, but it’s really up to the state school board to pick this one up.”

The survey — which had a 51% response rate — revealed 58% of responding school districts do not require security awareness training for staff at any time, 65% do not scan their systems for vulnerabilities as often as recommended and 69% do not have an incident response plan.

State auditors said many schools simply failed to implement basic security controls to protect their networks against unauthorized users. They recommended the Legislature consider a measure to direct the Kansas State Department of Education to set minimum IT security standards for schools through guidance or requirements.

About half of survey respondents said the biggest barrier to achieving better IT security was an inability to hire enough staff or pay them competitively. Olson said he hoped legislative committees, such as the House K-12 Education Budget Committee chaired by Rep. Kristey Williams, would take up the matter.

Williams, an Augusta Republican who is chairwoman of the post audit panel, said they would review the issue but appeared keen to take a route that did not require spending state funds. She said districts should have money to address this issue with increased school funding from legal settlements and federal COVID-19 relief funds. 

“Ultimately I do feel that we have fully funded our school districts and they need to take this on,” Williams said, adding that offering guidance would not require school districts to spend money unless they choose to invest in improved security.

Rep. Jim Gartner, a Topeka Democrat, said it was a bit unrealistic to expect a department or any school districts to measure up without a statutory requirement.

“It would seem to me if it’s not required, they’re not going to really do it unless we require them to do it,” Gartner said. “So that’s something the legislature needs to address.”

In a written response to the audit, Kansas State Education Commissioner Randy Watson said if KSDE sets minimum standards, districts would likely rely on the agency for technical assistance. At the moment, the agency is only staffed to meet its own needs. 

“The level of support necessary for school districts to implement IT security standards would be a significant undertaking and is not possible with the current level of IT staffing at KSDE,” Watson said. “If the Kansas Legislature chooses to implement the LPA recommendation, there will need to be additional IT staff, and the Department would like to see that noted within the LPA recommendation.”

Kansas Reflector is part of States Newsroom, a network of news bureaus supported by grants and a coalition of donors as a 501c(3) public charity. Kansas Reflector maintains editorial independence. Contact Editor Sherman Smith for questions: info@kansasreflector.com. Follow Kansas Reflector on Facebook and Twitter.

Hot this week

🎙️ Sports Bite: Todd Clover Waconda Lakers 7-1-2026

Sports Bite: Here is the long form of todays...

Marysville Native Mike Hammett Earns LSWA Play-By-Play Award As Voice of the University of Louisiana Monroe Warhawks

Mike Hammett, the "Voice of the Warhawks," won the College Sports Radio Play-by-Play Award at the Louisiana Sports Writers Association brunch, marking his first victory after three second-place finishes. lauded for his professionalism and accurate commentary, Hammett praised his broadcast team and will start the 2026-27 season on September 5.

🎙️ Lydia & Blake at the Lake: Jennifer Urbaniak Jewell County Community Development

Jennifer Urbaniak with Jewell County Community Development sits down...

Downtown Marysville listed on Kansas Register

The Downtown Marysville Historic District was listed on the Register of Historic Kansas Places on June 27, recognizing its historical and architectural significance. Spanning 167 years, the district features 86 resources, including notable buildings from various eras. The initiative, led by OneMarysville and supported by a grant, aims to preserve community heritage.

Police Search for Driver in Hit-and-Run Involving Child on Bicycle Near Augusta Elementary School

BUTLER COUNTY — Law enforcement officials are actively investigating a hit-and-run incident that left a young bicyclist injured near an elementary school on Sunday evening.

Latest Headlines

🎙️ Made for More: Jordan Carson Nest and Nurture

Jordan Carson with Nest and Nurture sits down with...

Traffic Alert: Maintenance Work Scheduled for Little Blue River Bridge Near Waterville

Local drivers in Waterville should anticipate increased activity and potential delays due to bridge maintenance on 4th Road starting Monday, July 6. While the bridge will remain open, heightened worker presence and technical activity will require motorists to exercise caution and consider alternate routes for safety.

Leadership Mitchell County Community Service Award Banquet set to honor Doug McKinney

Beloit, KS, July 2026—LMC Service Committee Members surprised Doug...

Governor Kelly and KDHE Announce Increased Medicaid Funding for Rural and Critical Access Hospitals

Governor Laura Kelly announced that the Kansas Health Care Access Improvement Program has been approved by the Centers for Medicare and Medicaid Services. This plan will enhance Medicaid payments to Critical Access Hospitals and Rural Emergency Hospitals, allocating $83 million to enhance healthcare access and improve health outcomes for Kansans.
- Advertisement -

Related Articles

Popular Categories

- Advertisement -