Education: Cybersecurity

Department for Education written question – answered at on 20 October 2023.

Alert me about debates like this

Photo of Bridget Phillipson Bridget Phillipson Shadow Secretary of State for Education

To ask the Secretary of State for Education, whether she is taking steps to secure pupils' data against cyber attacks.

Photo of Nick Gibb Nick Gibb Minister of State (Education)

The Department has taken steps to secure pupils’ data by introducing Cyber security standards for schools and colleges which outline what schools need to do to prevent cyber security risks, attacks and strengthen safeguarding policies.

Schools are required to meet data protection regulations and report personal data breaches. Guidance on keeping pupils safe in education sets out the requirements that schools and colleges need to meet to ensure IT systems are appropriately safeguarded from attacks.

The standards help schools understand how to protect network, data, devices and user accounts to minimise data loss, costs and safeguarding issues.

The standards state the requirement for schools to have at least 3 backup copies of important data, on at least 2 separate devices, with at least 1 off site.

The backup of important data is also a requirement for schools and colleges that sign up for cyber risk protection arrangement cover. Schools must determine which data is important to their operations, but it is likely to include personal, financial, management and network data as a minimum. The National Cyber Security Centre provides advice and guidance to help schools understand what data they must protect.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.