Cyber guidance and scenario planning

15 July 2019

As connectivity improves and schools move beyond a patchwork of uncoordinated systems, they become increasingly more dependent on their ICT infrastructure at school, classroom and system level.

Children using computers

1. Cyber threat

A potential data breach or ‘cyber attack’ can become more likely if potential cyber risks are not managed.   

To help defend schools against a potential data breach or cyber attack, we’ve created three guides including a scenario planner to help schools better understand the threats they face. They define clear actions and controls to help mitigate cyber risks.  

2. Cyber risk management

Schools face a myriad of challenging hazards and threats and they now have to prepare for cyber threats caused by humans. These incidents can be accidental or deliberate and disrupt education and critical operations; expose sensitive personally identifiable information (PII) of students, teachers, parents and staff; and can lead to high recovery costs.

The report looks at the management steps that are required across the whole school in order to be cyber secure. It primarily focuses on the challenge of protecting against targeted, unauthorised attempts to access digital information, including research.

3. Scenario planning

Like all organisations making greater use of technology and the internet, it is vital that schools take all the steps they can to keep their systems, people and data secure and safe from harm.

The purpose of this scenario planner is to help inform decision makers and to encourage an appropriate response to a cyber attack. The planner serves as a summary to help all involved parties make informed decisions about security and the need for additional action such as insurance or technical management measures. By reviewing, the cyber risk posed to the school the planner will also help identify where there are weaknesses or areas for further investment.