Get Full Government Meeting Transcripts, Videos, & Alerts Forever!

Auditors: Utah K–12 cybersecurity practices lag; higher education stronger but inconsistent — committee refers audit

Utah Legislature Audit Subcommittee · September 25, 2025

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video. so we can fix them.

Summary

Legislative auditors told the audit subcommittee that many K–12 school districts in Utah lack baseline cybersecurity protections — including multifactor authentication, incident response plans, and patch management — and that higher education institutions show stronger but inconsistent controls.

State auditors presented a cybersecurity performance audit showing significant gaps in cybersecurity practices across Utah’s local education agencies and inconsistent implementation of controls in higher education.

Auditors said that, based on surveys and limited active testing, many K–12 LEAs had not implemented baseline controls identified by the Cybersecurity and Infrastructure Security Agency (CISA), especially incident response planning, staff training, multifactor authentication (MFA),…

Already have an account? Log in

Subscribe to keep reading

Unlock the rest of this article — and every article on Citizen Portal.

Unlimited articles
AI-powered breakdowns of topics, speakers, decisions, and budgets
Instant alerts when your location has a new meeting
Follow topics and more locations
1,000 AI Insights / month, plus AI Chat

See memberships

30-day money-back on paid plans