While no sector is immune to cyberattacks, some sectors are targeted more frequently than others and attacks on the education sector are common and on the rise. In May 2024, new data released by the UK’s Information Commissioner’s Office revealed there had been 347 cyber incidents reported by the education and childcare sector in 2023, an increase of 55% from the previous year.
These attacks can prevent access to IT systems, forcing schools to resort to manual processes for checking pupil registers, teaching, and all other school functions. Without access to IT systems, teachers are unable to prepare for lessons, schools have been prevented from taking payment for pupil lunches, and many have lost students’ coursework. The impact on schools, teachers, and students can be severe. Some schools have been forced to temporarily close due to a cyberattack.
A survey conducted by the Office of Qualifications and Examinations Regulation (Ofqual) found that 9% of surveyed headteachers had experienced a critically damaging cyberattack in the past academic year. 20% of schools were unable to immediately recover from a cyberattack and 4% reported that they still had not returned to normal operations more than half a term later.
The Ofqual survey revealed more than one-third of English schools had suffered a cyber incident in the past academic year and a significant percentage faced ongoing disruption due to a cyberattack. Cyberattacks can take many forms and while ransomware attacks are often the most damaging, the most common type of cyber incident is phishing. According to the survey, 23% of schools and colleges in England experienced a cybersecurity incident as a result of a phishing attack in the past year.
Schools are not sufficiently prepared to deal with these attacks. According to the survey, 1 in 3 teachers said they had not been provided with cybersecurity training in the past year, even though cybersecurity training has proven to be effective at preventing cyberattacks. The survey revealed that out of the 66% of teachers who had been provided with training, two-thirds said it was useful.
TitanHQ has developed a comprehensive security awareness training platform for all sectors, that is easy to tailor to meet the needs of individual schools. The platform includes an extensive range of computer-based training content, split into modules of no more than 10 minutes to make it easy for teachers and other staff members to complete. The training material is enjoyable, covers the specific threats that educational institutions face, and teaches the cybersecurity practices that can help to improve defenses and combat phishing, spear phishing, and malware attacks.
The SafeTitan platform also includes a phishing simulator for conducting simulated phishing attacks to improve awareness, reinforce training, and give staff members practice in identifying phishing and other cyber threats. The training and simulations can be automated, and training modules can be set to be triggered by security errors and risky behaviors. Further, the platform is affordable.
To find out more about improving human defenses at your educational institution through SafeTitan, give the TitanHQ team a call. TitanHQ can also help with improving technical defenses, with a suite of cybersecurity solutions for the education sector including SpamTitan anti-spam software, the PhishTitan anti-phishing solution, and the WebTitan DNS-based web filter. Combined, these technical defenses can greatly improve your security posture and prevent cyber threats them from reaching end users and their devices.