Educational Institutions: Cybersecurity

Department for Education written question – answered on 27th May 2022.

Alert me about debates like this

Photo of Charlotte Nichols Charlotte Nichols Labour, Warrington North

To ask the Secretary of State for Education, what guidance his Department provides to (a) schools, (b) colleges and (c) universities on defending themselves from cyber fraudsters; and if he will make a statement.

Photo of Robin Walker Robin Walker The Parliamentary Under-Secretary of State for Scotland, Minister of State (Education)

The department works closely with the National Cyber Crime Security Centre (NCSC) and Joint Information Systems Committee to ensure that up-to-date cyber security guidance is shared with schools, colleges, and universities, including free tools from the NCSC as part of their Active Cyber Defence programme. The department’s Risk Protection Arrangement (RPA) has more than 9,500 member schools (43% of eligible schools in England) and is including cover for cyber incidents as standard from the 2022/23 membership years. To be eligible for RPA cyber cover, there are four key conditions that members must meet. In the event of a cyber incident, RPA members have access to a 24/7 Incident Response Service.

The department’s dedicated sector cyber security function provides advice in response to cyber security enquiries and incident reports from the sector, liaising with the affected institution following an incident to advise on steps to mitigate the threat and provide guidance on recovery.

To support schools in understanding their digital environment and what secure technology they should have in place, the department is developing a core set of digital, data and technology standards. The first set of standards has been published and is available here: All schools and colleges should meet these standards, levelling up access to safe, secure, and user-friendly digital technology for teaching and administration. Standards are being developed by technical and educational experts and will cover all critical technology and infrastructure to meet business and teaching needs, including cyber security.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.