| Kindergartens through twelfth grade institutions (K-12) are susceptible to unauthorized breaches to the security of their networked systems. These systems house sensitive information for students and staff alike. K-12 organizations face a significant risk for loss of this information that can damage reputation and pose liability. Perpetrators have attempted and succeeded in gaining access to systems in order to gain personally identifiable information from this malicious activity. This study examines critical control areas and their relevance to overall security effectiveness in this environment. This research will show the reliability of certain controls in this environment and their associated relationships to one another. These include adherence to compliance programs, the budget used for annual IT staff training, the total amount of the annual IT budget provided in hardware and software, the amount of time spent on security maintenance of these systems, and the budget used for the routine security maintenance performed on these systems. Further survey of these factors can provide valuable insight regarding the level of security effectiveness to K-12 organizations. The results of the survey analysis showed that there was a significant correlation between adherence to a compliance program, budget used for annual IT staff training, the amount of time spent on security maintenance and overall security effectiveness in the K-12 IT environment. This study did not find any significant correlation between the other independent variables of the total amount of the annual IT budget, the budget used for security maintenance, and the dependent variable of the number of security breaches. |
