The necessity for strong cyber security controls in primary and secondary education is growing as schools are increasingly targeted by cyber-attacks. This paper discusses how the adoption of technology in primary and secondary schools bring associated security threats, and how security standards and frameworks used in other industries may be applicable. The objective of this research is to create an adoption framework which incorporates current security industry standards and frameworks into the primary and secondary education environment. The proposed adoption framework aims to improve schools’ security posture while maintaining minimal impact on the teaching and learning of students.