Ransomware incidents across K‑12 districts and colleges rose in 2025, with the U.S. accounting for more than half of recorded attacks and nearly 3.9 million records exfiltrated, according to a Comparitech analysis. The largest reported breach hit the University of Phoenix, exposing millions of records and underscoring vulnerabilities tied to third‑party platforms and widely used enterprise software. Campus IT leaders also face a second, emerging threat vector: shadow AI. Staff and faculty are increasingly adopting generative tools outside IT oversight, creating data‑loss and compliance risks. Security teams warn that unvetted AI tools can expose student and research data and complicate FERPA and contractual privacy obligations. Universities must reconcile rapid AI adoption for research and instruction with tightened cyber hygiene: patch management, vendor risk reviews, and clear policies for allowed AI use. CISOs tell boards that defense now requires combining traditional endpoint controls with governance over data plugged into external models.