How to protect a school from cyber attacks

Cyber security should be a top priority for schools. Find out how and when to check if your systems and processes are good enough, and follow our links to free tools, training and support.

Last reviewed on 7 August 2023See updates
School types: AllSchool phases: AllRef: 43020
Contents
  1. Make cyber security a priority
  2. Check if you meet the DfE's cyber security standards
  3. Get training for your staff
  4. Precautions you should have in place
  5. Have a cyber incident response plan
  6. Organise an annual audit
  7. Access free resources on cyber security 

Our thanks to the following experts for their help with this article: Karen Mitchell; Vickie Cieplak and Edward Trimbee from the West Midlands Regional Cyber Crime Unit; and our internal IT experts at The Key and ScholarPack.

We also refer to the National Cyber Security Centre (NCSC) and its resources throughout this article.

Make cyber security a priority

Cyber security is becoming more important than ever, with a number of schools falling victim to cyber attacks – particularly ransomware attacks.

This article will show you where you can get started with protecting your school.

You’re responsible for making sure you have the appropriate level of security protection and procedures in place – this is explained in paragraph 144 of Keeping Children Safe in Education (KCSIE) 2023 School data is incredibly sensitive – if it's compromised, this can be a risk to the pupils in your care Everything in your school relies on your computer network. An attack could mean

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.