Compliance & Regulation
Essential Reading
DfE Cyber Security Standards for Schools and Colleges
DfE Cyber Security Standards (January 2023) — governors of all English schools and colleges are accountable for meeting defined cybersecurity requirements.
Cyber Essentials for Schools and Colleges
Cyber Essentials certification covers five technical controls that the NCSC says would prevent the majority of common cyberattacks — including the ransomware that took Harris Federation's 50 schools offline.
GDPR for Schools
ICO has fined multiple UK schools for GDPR breaches — inadequate security, unlawful CCTV, and failure to protect sensitive pupil data.
Further Reading
JISC Cybersecurity Guidance for Higher Education
JISC's annual cyber threat report is the definitive assessment of cybersecurity threats facing UK universities and FE colleges — drawing on Janet network data and sector-wide incident reports.
Further Education Cybersecurity
WannaCry in 2017 affected Scottish FE colleges alongside NHS trusts — further education is firmly in scope for sector-wide cyberattacks.