Since 2016, there have been 1331 cybersecurity-related incidents reported affecting K12 schools. Among the incidences in 2021, the most frequently disclosed type of cyber attack to impact schools in the United States was ransomware attacks. 19.8% were student data breaches, which could result in unauthorized access to personal information such as names, social security numbers, student identification numbers, and other educational records. The shift to remote learning during the pandemic led to an increased number of cybersecurity-related incidents, such as ‘class invasion’ where online classes were interrupted. This type of attack became the most common type of cyberattack in 2020, which did not exist in 2018 as students weren’t on lockdown and attending classes virtually. In a resource-constrained environment, directing investment toward the most impactful measures and increasing cybersecurity budgeting can help address continuous threats. As K12 schools struggle with IT resources and are unable to single-handedly prevent all cyberattacks, implementing smaller changes can reduce the number of successful cyberattacks.