Edtech charity LGfL has launched its Elevate Cybersecurity Toolkit for Schools offering a collection of key documents to help improve cyber-security.
It comes after a number of warnings from the National Cyber Security Centre (NCSC) to school leaders and IT managers after a rise in ransomware and other attacks on education institutions. The National Crime Agency (NCA) has also launched a campaign to raise awareness of cyber-crime among businesses and institutions.
According to recent figures from the Department for Digital, Culture, Media, and Sport (DCMS, 2022), security breaches in schools are still on the increase. This follows warnings last year from the NCSC. It is feared that in the rush to move to remote learning during the Covid pandemic, schools may have left their systems open to attack.
The DCMS research involved more than 400 schools and shows that 41% of primary and 70% of secondary institutions have experienced attacks in the last 12 months, up year-on-year.
By far the most common form of attacks by far were phishing, however other incidents included the school being impersonating in emails or online, virus/spyware/malware attacks, and DDOS attacks.
Both the NCSC and NCA have published resources to help institutions protect themselves from attacks, including the NCSC’s Cyber Security for School guidance (see below).
The new LGfL resource contains documents including acyber-security policy template, an incident response plan, and an example risk register to help assess, evaluate, prioritise, and manage cyber-security risks.
There is also an example asset register to inventory the equipment used in the school and an example software register to record which software/systems schools have and whether they hold confidential information.
- DCMS: Educational institutions findings annex - Cyber Security Breaches Survey, July 2022: https://bit.ly/3s16BOf
- LGfL: Elevate Cybersecurity Toolkit: www.elevate.lgfl.net
- National Crime Agency: www.nationalcrimeagency.gov.uk/what-we-do/crime-threats/cyber-crime
- NCSC: Mitigating malware and ransomware attacks: How to defend organisations against malware or ransomware attacks, February 2020: www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks
- NCSC: Cyber Security for Schools: Practical resources to help schools improve their cyber security: www.ncsc.gov.uk/section/education-skills/cyber-security-schools