8 percent of UK schools admitted to suffering from a cyber incident according to an audit from the National Cyber Security Centre (NCSC), amidst news of 14 UK schools falling victim to a major cyber-attack.
The audit consisted of 805 schools between the 3rd and the 31st of May 2022, with participating schools from all areas of the UK. It was revealed that just over half of schools, 53 percent, felt they were prepared for a cyber incident, up from 49 percent in a 2019 survey.
Cybersecurity
Cybersecurity expert Achi Lewis, Area VP EMEA for Absolute Software, commented, “In the education sector, it often takes a major incident to bring cybersecurity top of mind."
"Schools are continuing to evolve their teaching methods, with devices being used more frequently and from more locations than ever before, and with a large volume of sensitive data being stored, education institutions are a lucrative target for threat actors.“
Remote access control
Patching operating systems, software, and firmware will improve application resilience to mitigate cyber breaches"
“Schools should build their cyber resilience, particularly at a time of heightened threat, by implementing application and remote access controls to securely manage both application and endpoint activity, only allowing users and behaviour permitted by the established security policy.”
“Patching operating systems, software, and firmware as soon as updates are available, as well as regularly updating anti-virus and anti-malware, will improve application resilience to enable security tools to always function as intended and mitigate cyber breaches that leak highly sensitive data.”
Cyber training
The audit also found that cyber training in schools has seen a significant rise, with 55 percent of non-IT staff having received cyber training, up from 35 percent in 2019.
“Implementing cybersecurity awareness training to educate both staff and students on how to identify and, crucially, report attacks play a significant role in building cyber resilience,” Lewis added.