Assessing the Resilience of Teachers Facing Cyber Risks in the Learning Process

Introduction

Cybersecurity risks in education extend beyond financial damage or data breaches; they disrupt instructional continuity, teaching quality, and student safety (Alenezi, 2024; Buyu & Ogange, 2022; Dhungana et al., 2023). The World Economic Forum ranks cyberattacks among the top five global threats, with projected losses exceeding $10.5 trillion by 2025 (Morgan, 2020). Despite institutional security investments, teachers remain a critical vulnerability in ensuring digital resilience (Gillam & Foster, 2020).

Teachers often lack cybersecurity awareness and preparedness, impacting data security, pedagogical decisions, and digital teaching practices (Martin et al., 2022; Stoilova et al., 2020). Cyber incidents threaten data integrity and affect students' socio-emotional well-being and digital citizenship (Carvalho et al., 2021; Dorol & Mishara, 2021). Thus, cybersecurity education should integrate safe instructional design, crisis management, and proactive security strategies into teacher training (Martin et al., 2022).

This study evaluates teachers' cybersecurity resilience using the NIST Cybersecurity Framework (NIST, 2018). Through a scenario-based interview approach, it explores how teachers identify cyber threats, adopt preventive measures, detect attacks, respond to breaches, and recover from incidents. This study addresses the following research questions:

1. How do teachers perceive cyber threats and risks?

2. What measures do teachers take against cyber threats?

3. How do teachers detect cybersecurity threats?

4. How do teachers respond to a cybersecurity incident?

5. How do teachers restore their digital systems after a cybersecurity breach?

Method

Research design

This study employs an instrumental case study to examine teachers' cybersecurity resilience in educational settings. This approach allows a structured yet flexible analysis of how teachers identify, protect, detect, respond, and recover from cyber threats. The study is grounded in the NIST Cybersecurity Framework (2018) as a framework for assessing cybersecurity resilience.

Participants

The study involved 160 teachers from diverse subject areas in Turkey, including Preschool Education (13.1%), Primary School Teaching (13.1%), Turkish (11.9%), Science (11.3%), Information Technologies (9.4%), English (9.4%), Mathematics (5.6%), Music (5.6%), Physical Education (6.3%), Guidance and Psychological Counseling (6.3%), Special Education (4.4%), Visual Arts (3.8%), and Social Studies (2.5%). This distribution ensured a broad representation of different teaching disciplines.

Data collection

Following institutional review board approval, data were collected through a scenario-based online form developed by the researchers. The instrument was structured based on the five core functions of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, and Recover) and included a ransomware attack scenario within an educational context. Participants received the survey link via email, which included an informed consent form and open-ended questions to explore their cybersecurity measures and risk management strategies. The data collection process was completed within two months.

Data analysis

The data were analyzed using inductive thematic analysis following Braun and Clarke’s (2006) six-phase framework. NVivo 14 software was used to facilitate coding and data organization. Three researchers independently conducted the initial coding process. Following the initial coding phase, the researchers compared codes, discussed discrepancies, and collaboratively refined themes until consensus was reached. This process enhanced the credibility and trustworthiness of the findings. In the tables, “f” refers to the frequency of coded segments across all responses rather than the number of participants (n).

Results

Teachers' perceptions of cyber threats and risks (see Table 1) focus primarily on personal data security (f=132) and educational data security (f=98). The most frequently mentioned concerns include password protection (f=65), student information security (f=43), and data breaches (f=34), while awareness of malware (f=12) and ransomware (f=5) remains low.

Table 1

Teachers' Perceptions of Cyber Threats and Risks

Note. f = frequency of coded segments.

Regarding protective measures (see Table 2), teachers most commonly use data backups (f=218) and security software (f=202). Antivirus programs (f=95) and firewalls (f=35) are widely adopted, while encryption and strong passwords (f=12) are less frequently mentioned. Secure browsing practices (f=50) are moderately applied, but some teachers report knowledge gaps (f=37) in cybersecurity best practices.

Table 2

Teachers' Protective Measures Against Cyber Threats

Note. f = frequency of coded segments.

Teachers detect cyber threats primarily through security software (f=127) and monitoring tools (f=96). Antivirus programs (f=97) and firewall protections (f=23) are frequently used, yet awareness of suspicious activities (f=82) and proactive threat monitoring remains limited. In responding to cybersecurity incidents, most teachers rely on technical interventions (f=108), such as disconnecting devices (f=71) and running antivirus scans (f=33). Classroom management strategies (f=88), like explaining the issue calmly (f=48), are also used. However, a lack of intervention knowledge (f=69) affects their response effectiveness.

Discussion and recommendations

This study examined teachers' cybersecurity resilience, highlighting gaps in their awareness, preventive strategies, threat detection, response, and recovery. While teachers demonstrate basic data security awareness, their understanding of advanced cyber threats such as malware and ransomware remains limited (Carvalho et al., 2021). Similar findings indicate that teachers primarily rely on security software and reactive interventions rather than proactive cybersecurity strategies (Rodrigues et al., 2019). This suggests an urgent need for structured cybersecurity training to improve digital resilience in educational settings (Martin et al., 2022).

Regarding preventive measures, most teachers rely on data backups and antivirus software, but they neglect fundamental security practices such as strong password creation and encryption (Stoilova et al., 2019). Previous research highlights that such oversights increase vulnerability to cyberattacks, emphasizing the importance of integrating cybersecurity awareness into teacher training (Gillam & Foster, 2020).

Teachers' threat detection capabilities remain largely dependent on security tools, with limited awareness of phishing attacks and suspicious activity monitoring (Dorol & Mishara, 2021). Studies suggest that scenario-based training programs could help teachers recognize cyber threats more effectively and improve real-time decision-making (Buyu & Ogange, 2022; Ficco & Palmieri, 2019).

When responding to cyber incidents, teachers often resort to technical interventions, such as disconnecting devices or running antivirus scans, yet many lack crisis management knowledge (Damşa et al., 2021; Klasan et al., 2024). Research emphasizes that teachers need proactive incident response training to minimize instructional disruptions and protect student data (Buyu & Ogange, 2022; Chowdhury & Gkioulos, 2021).

To enhance cybersecurity resilience, teacher training programs should incorporate interactive simulations, scenario-based learning, and gamified cybersecurity exercises (Zhong et al., 2024). Additionally, professional development initiatives should focus on developing cybersecurity policies tailored to educational environments (NIST, 2018). Future research should evaluate the effectiveness of cybersecurity training programs through experimental studies and explore how teachers' digital competence affects their cybersecurity behaviors (Liu et al., 2016).

References

1. Alenezi, A. (2024). Cybersecurity risks and strategies in learning services of higher education institutions (HEIs) in developing and emerging countries: A critical scoping review. The Egyptian Journal for Commercial Studies, 48(3), 480–506. https://doi.org/10.21608/alat.2024.373548
2. Buyu, W., & Ogange, B. (2022, September). Cybersecurity in online learning: Innovations for teacher training and empowerment. In Tenth Pan-Commonwealth Forum on Open Learning. https://doi.org/10.56059/pcf10.8823
3. Carvalho, M., Branquinho, C., & De Matos, M. G. (2021). Cyberbullying and Bullying: Impact on Psychological Symptoms and Well-Being. Child Indicators Research, 14(1), 435–452. https://doi.org/10.1007/s12187-020-09756-2
4. Chowdhury, N., & Gkioulos, V. (2021). Cyber security training for critical infrastructure protection: A literature review. Computer Science Review, 40, 100361. https://doi.org/10.1016/j.cosrev.2021.100361
5. Damşa, C., Langford, M., Uehara, D., & Scherer, R. (2021). Teachers' agency and online education in times of crisis. Computers in Human Behavior, 121, 106793. https://doi.org/10.1016/j.chb.2021.106793
6. Dhungana, R. K., Gurung Dr, L., & Poudyal, H. (2023). Cybersecurity challenges and awareness of the multi-generational learners in Nepal. Journal of Cybersecurity Education, Research and Practice, 2023(2), 5. https://doi.org/10.32727/8.2023.17
7. Dorol-Beauroy-Eustache, O., & Mishara, B. L. (2021). Systematic review of risk and protective factors for suicidal and self-harm behaviors among children and adolescents involved with cyberbullying. Preventive Medicine, 152, 106684. https://doi.org/10.1016/j.ypmed.2021.106684
8. Ficco, M., & Palmieri, F. (2019). Leaf: An open-source cybersecurity training platform for realistic edge-IoT scenarios. Journal of Systems Architecture, 97, 107–129. https://doi.org/10.1016/j.sysarc.2019.04.004
9. Gillam, A. R., & Foster, W. T. (2020). Factors affecting risky cybersecurity behaviors by U.S. workers: An exploratory study. Computers in Human Behavior, 108, 106319. https://doi.org/10.1016/j.chb.2020.106319
10. Klasan, K., Dunđer, I., & Seljan, S. (2024). Assessing information security awareness among secondary school teachers. In Proceedings of the 47th International Convention on Information, Communication and Electronic Technology (MIPRO) (pp. 1508–1513). IEEE. https://doi.org/10.1109/MIPRO60963.2024.10569416
11. Liu, Q., Peng, W., Zhang, F., Hu, R., Li, Y., & Yan, W. (2016). The Effectiveness of Blended Learning in Health Professions: Systematic Review and Meta-Analysis. Journal of Medical Internet Research, 18(1), e2. https://doi.org/10.2196/jmir.4807
12. Martin, F., Gezer, T., Wang, W. C., Petty, T., & Wang, C. (2022). Examining K-12 educator experiences from digital citizenship professional development. Journal of Research on Technology in Education, 54(1), 143–160. https://doi.org/10.1080/15391523.2020.1815611
13. Morgan, S. (2020). Cybercrime to cost the world $10.5 trillion annually by 2025. Cybersecurity Ventures. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
14. National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity (Version 1.1). U.S. Department of Commerce. https://doi.org/10.6028/NIST.CSWP.04162018
15. Rodrigues, H., Almeida, F., Figueiredo, V., & Lopes, S. L. (2019). Tracking e-learning through published papers: A systematic review. Computers & Education, 136, 87–98. https://doi.org/10.1016/j.compedu.2019.03.007
16. Stoilova, M., Livingstone, S., & Nandagiri, R. (2020). Digital by Default: Children's Capacity to Understand and Manage Online Data and Privacy. Media and Communication, 8(4), 197–207. https://doi.org/10.17645/mac.v8i4.3407
17. Zhong, C., Kim, J. B. J. B., & Liu, H. (2024). The Art of Inclusive Gamification in Cybersecurity Training. IEEE Security & Privacy, 22(5), 40–51. https://doi.org/10.1109/MSEC.2024.3427666