Cybrary
Start
Post-Canvas incident readiness

Utah School
Cyber Readiness Scorecard

A 5-minute post-Canvas self-check for Utah district IT and security leaders preparing for back-to-school.

Identify gaps in staff awareness, AI use, MFA, vendor readiness, incident response, and hands-on technical skills — then receive a recommended training map for your district.

Take the 12-question scorecard Get a training map
  • Identify staff and IT training gaps before back-to-school
  • Review Canvas/LMS, SaaS, MFA, vendor, and incident-response readiness
  • Map gaps to awareness training, AI awareness, and hands-on cyber labs

This is not just a phishing checklist. It also covers safe AI use, AI-enabled impersonation, shadow AI, and the hands-on skills IT teams need when incidents happen.

Why this matters in Utah

Utah's 2025 education cybersecurity audit found that many local education agencies fell behind in baseline practices including MFA, incident response plans, training, and patch management. The audit also identified staffing, training, and prioritization as major barriers for LEAs.

USBE asks each Utah district and charter to designate an Information Security Officer responsible for serving as the primary cybersecurity contact, overseeing cybersecurity framework implementation, and collaborating on data-incident response.

The Canvas incident made this real

Federal Student Aid's May 12, 2026 technology alert said the Canvas incident involved unauthorized access to usernames, email addresses, course names, enrollment information, and messages. It also recommended actions including MFA across school systems, reviewing and disabling legacy accounts, monitoring logs, validating data-sharing agreements, and preparing for student, parent, and instructor questions.

That is why this scorecard looks beyond basic awareness. It covers staff readiness, AI use, identity, SaaS/vendor visibility, incident response, and hands-on technical investigation skills.

Choose your assessment

Start with the 5-minute pulse. Switch to the full checklist if you want a detailed working session with your team.

PulseAnswer the 12 questions to see your readiness profile
0 / 12

For each question, choose the answer that best describes your district today.

1

Cybersecurity ownership

Do you have a named cybersecurity owner or Information Security Officer, plus a backup, responsible for cyber training, incident escalation, and vendor-response coordination?

Why this matters

A lot of district cyber risk comes down to unclear ownership when something goes wrong.

2

Incident coordination

If a major platform like Canvas, Google Workspace, Microsoft 365, your SIS, or another edtech vendor had an incident tomorrow, would IT, cabinet leadership, principals, communications, and the help desk know who owns what?

Why this matters

Vendor incidents still become district operational incidents.

3

Incident-response practice

Have you run a tabletop or incident-response exercise in the last 12 months that included a SaaS/vendor incident, phishing campaign, account compromise, or student-data exposure scenario?

Why this matters

Written plans are useful, but practice is what exposes gaps.

4

Staff cyber awareness

Do all staff receive annual cybersecurity awareness training covering phishing, credential theft, MFA fatigue, suspicious links, safe reporting, and student-data protection?

Why this matters

Teachers, administrators, and front-office staff are often the first line of detection.

5

High-risk role training

Do higher-risk groups — finance, HR, payroll, principals, executive assistants, data managers, and IT admins — receive additional role-based cybersecurity training beyond basic awareness?

Why this matters

Not every employee has the same risk profile. Some roles are much more likely to be targeted.

6

Reporting suspicious activity

Do staff know exactly where and how to report suspicious emails, login pages, vendor messages, unusual AI tools, or possible data exposures?

Why this matters

The faster people report, the faster IT can contain the issue.

7

AI usage guidance

Does your district have clear guidance on approved AI tools and what student, staff, or district data should not be entered into unapproved AI systems?

Why this matters

Shadow AI use is becoming a data privacy and security issue for schools.

8

AI-enabled threats

Have staff been trained to recognize AI-enabled risks such as AI-written phishing, fake help-desk messages, deepfake audio/video, impersonation attempts, and misleading AI-generated content?

Why this matters

AI is making social engineering easier, faster, and more convincing.

9

MFA and identity security

Is MFA required and reviewed for administrative accounts, IT systems, cloud platforms, SIS/LMS access, and other critical district applications?

Why this matters

Identity is one of the most common ways attackers move from a single compromised account to broader disruption.

10

SaaS and edtech vendor visibility

Do you maintain an inventory of critical SaaS and edtech vendors, including system owner, data owner, technical owner, and the type of student/staff data each vendor can access?

Why this matters

You cannot manage vendor risk if you do not know which vendors matter most.

11

Technical investigation skills

Can your IT or help desk team investigate likely account compromise by reviewing login activity, identity alerts, email headers, suspicious links, admin activity, and SaaS/cloud logs?

Why this matters

Awareness training helps reduce incidents, but technical teams still need hands-on skills to investigate and respond.

12

Training plan by audience

Do you have a current cybersecurity training plan separated by audience — general staff, high-risk roles, IT/help desk, and advanced technical/security staff?

Why this matters

The best districts do not use one generic training program for everyone. They match training to role, risk, and responsibility.

Top training priority right now

What is your district's top cybersecurity training priority?

Answer the 12 questions above to see your readiness profile.

What you'll receive

After submitting the scorecard, Cybrary will send a recommended training map across five audiences:

  • All staff

    Phishing, MFA, password hygiene, reporting suspicious activity, and student-data protection.

  • Educators and administrators

    Safe AI use, AI-generated phishing, impersonation, student-data privacy, and incident awareness.

  • High-risk roles

    Finance, HR, payroll, principals, executive assistants, data managers, and cabinet-level leaders.

  • IT and help desk teams

    Phishing triage, account compromise, identity logs, SaaS/cloud logs, suspicious links, and incident escalation.

  • Advanced technical / security staff

    Hands-on labs for incident response, ransomware defense, cloud security, identity security, threat hunting, and vulnerability management.

Get your Utah School Cyber Training Map

Submit your responses and Cybrary will send a practical training map organized by audience: all staff, educators and administrators, high-risk roles, IT/help desk, and advanced technical teams.

We do not ask for student data, system details, or sensitive security information. This scorecard only collects your business contact information and your high-level readiness responses.

Answer the 12 questions above to see your readiness profile.

By submitting, you agree that Cybrary may contact you about your scorecard and training recommendations.