Subscribe to our free fortnightly newsletter and stay ahead with the latest news in edtech

Report: Schools' cyber security guidance urgently needed

LGfL's 2019 Cyber Security Schools Audit found that barely one-in-three schools train non-IT staff in cyber security

Posted by Julian Owen | October 30, 2019 | Technology

Despite the education sector being widely recognised as a top target for computer hackers, only 35% of schools train non-IT staff in cyber security.

That’s one of the key findings in a new report from edtech charity, the London Grid for Learning (LGfL).

More than four-in-five (83%) of schools have reportedly experienced at least one cyber-security incident.

And despite 99% of schools claiming to have firewalls in place, 8% said they had been “significantly disrupted” by a cyber-attack or incident.

The Cyber Security Schools Audit 2019 was compiled in conjunction with the National Cyber Security Centre (NCSC), with 430 UK schools surveyed in a bid to better comprehend future technology and training needs within the sector. 

“With ever-increasing accountability, squeezed budgets and a demanding curriculum, cyber security preparedness can sometimes fall to the bottom of the school agenda,” warned Mark Bentley, safeguarding and cyber security manager at LGfL DigiSafe.

“It’s vitally important that schools offer cyber security training to their staff and have basic technical protections in place.”

It’s never been more important for schools to be aware of the cyber risks and know that free resources are available to help them

Other key findings include:

 - Nearly all schools (97%) said that losing access to network-connected IT services would cause considerable disruption

 - Less than half (49%) were confident that they were adequately prepared in the event of a cyber attack

 - 85% had a cyber security policy or plan, but only 45% included core IT services in their risk register and only 41% had a business continuity plan 

 - Schools were aware of data breaches in only 3% of cases 

“Schools should seek access to the right types of information to help them protect their networks against the cyber threats they face,” advised Sarah Lyons, deputy director for economy and society at the NCSC.

“We work closely with the education sector to raise cyber-security awareness across schools, whilst signposting clear actionable advice to help schools mitigate against common cyber incidents. It’s never been more important for schools to be aware of the cyber risks and know that free resources are available to help them prepare and respond to a cyber incident.”

Cyber security preparedness can sometimes fall to the bottom of the school agenda

The multiplicity of threats schools face is made clear by the audit’s breakdown of cyber security incidents:

 - 69% of schools had suffered a phishing attack

 - 35% had experienced periods with no access to important information

 - 30% had suffered malware infection

 - 20% reported spoofing attacks (where a malicious party poses as a member of staff)

 - 11% had suffered attempted attacks to take down a website or online services

 - 21% had documented unauthorised pupil use of computers, networks or servers

 - 11% reported unauthorised staff use of computers, networks or servers 

To download a full copy of the report, click here.

 

 

Subscribe to our free fortnightly newsletter and stay ahead with the latest news in edtech

Related stories

How academies can harness leadership for growth

Bristol Cathedral Choir School unveils new extension

Report: Schools' cyber security guidance urgently needed

Market place - view all

Versa

Whether you're looking to solve dining space problems to get more s...

Clevertouch

Moxton Education

The Moxton Group is a specialist organisation focused in the Educat...