answer text |
<p>The Department recognises that cyber security is a concern for many schools and
academy trusts. To support schools with this, the Department released Cyber Security
Standards in October 2022, which can be found here: <a href="https://www.gov.uk/guidance/meeting-digital-and-technology-standards-in-schools-and-colleges/cyber-security-standards-for-schools-and-colleges"
target="_blank">https://www.gov.uk/guidance/meeting-digital-and-technology-standards-in-schools-and-colleges/cyber-security-standards-for-schools-and-colleges</a>.
These standards provide a base level requirement for good cyber security practices
in schools, helping to raise resilience across the sector and make schools harder
targets. Many of the areas suggested for improvement are low cost or free to implement.</p><p>The
Department’s Risk Protection Arrangement (RPA) has more than 9,500 member schools,
which constitutes 43% of eligible schools in England, and includes cover for cyber
incidents as standard from the 2022/23 membership years. In the event of a cyber incident,
RPA members have access to a 24/7 incident response service. Since September 2022,
cyber cover has been available to multi academy trust RPA members, provided they meet
the required criteria.</p><p>Jisc is the UK digital, data and technology agency focused
on education, research and innovation. The Department continues to fund Jisc to provide
quality connectivity and cyber security to Further Education colleges in England.
In addition to network cyber security measures, Jisc provides advice, guidance, and
training on cyber security, including alerts and information on identified security
risks. This support includes access to a Cyber Security Incident Response Team. Jisc
offers similar support to Higher Education, funded by the Office for Students.</p><p>The
Department also continues to work closely with the NCSC (National Cyber Security Centre)
to identify incidents and conduct analysis to monitor and identify emerging cyber
threats.</p><p>Schools can access cyber security training for staff from the NCSC
and the NCSC Active Cyber Defence tools are now available to all schools. These assist
in protecting schools from a range of attacks. Further advice can be found on the
NCSC schools’ website at: <a href="https://www.ncsc.gov.uk/section/education-skills/cyber-security-schools"
target="_blank">https://www.ncsc.gov.uk/section/education-skills/cyber-security-schools</a>.</p><p>In
the event of a cyber attack, the Department has a cyber security team who can provide
advice and guidance to assist with recovery. To report an incident and receive support,
schools can contact: <a href="mailto:sector.incidentreporting@education.gov.uk" target="_blank">sector.incidentreporting@education.gov.uk</a>.
Schools are also encouraged to report all cyber incidents to Action Fraud via their
reporting site here: <a href="https://www.actionfraud.police.uk/" target="_blank">https://www.actionfraud.police.uk/</a>.</p><p>
</p><p>The Department will continue to develop the support and tools offered to schools
and academy trusts to improve their cyber security and resilience. This will help
to streamline reporting and data capture and improve mutual understanding between
the Department and schools.</p><p> </p>
|
|