Over four-fifths of UK schools have experienced at least one cybersecurity incident, with the insider threat from pupils surprisingly high, according to a new government report.
The National Cyber Security Centre (NCSC) and the schools trust London Grid for Learning (LGfL) teamed up to poll over 430 schools across the entire UK.
They found that 83% had suffered a security incident, although only a tiny 8% claimed to have been significantly disrupted by one.
Phishing was most common, with 69% of respondents claiming to have suffered an attack, while nearly a third (30%) said their school had been infected by malware.
Interestingly, over a fifth (21%) reported unauthorized use of computers, networks or servers by pupils — twice the number (11%) who claimed the same abuse of school IT systems by staff.
The report warned that such activity could put schools at risk of GDPR non-compliance, adding that schools were only aware of online leaks of confidential data in 3% of cases.
Despite the vast majority of respondents claiming to have in place best practice protections such as AV (98%), firewalls (99%), data back-ups (96%) and regular patching (95%), and 85% claiming to have a cybersecurity plan/policy, less than half (49%) said they were confident about dealing with a possible cyber-attack.
What’s more, only 45% include core IT services in their risk register and only 41% have a business continuity plan.
That’s despite nearly all schools (97%) admitting that losing access to network-connected IT services would cause considerable disruption.
There also appears to be a security gap in terms of staff cyber awareness, with just a third (35%) of respondents saying they train non-IT staff in security, although 92% said they’d welcome such efforts.
“Budgets are tight, the curriculum is squeezed, and school is all about keeping children safe and providing the best-possible education. So you won’t often hear schools talking about their cyber security preparedness,” argued LGfL safeguarding & cybersecurity manager, Mark Bentley.
“Whilst it was hospitals rather than schools which suffered major disruption from the WannaCry virus, schools are just as likely as any organization to face DDoS and phishing attacks.”