There’s a glaring gap in knowledge when it comes to cyber awareness in schools, but it’s not among the students. Recent research conducted by Sophos in partnership with YouGov found nearly half of all UK teachers believe their students know more about IT than they do. It’s a worrying statistic in an increasingly digital world, and it’s leaving schools wide open to a range of online threats.
A false sense of security
Of the 348 head teachers, deputy heads and other senior teachers* we interviewed, just over a third (34%) identified data loss as the biggest cause for concern when it came to IT security in their school.
A further 18% cited student’s ability to hack into the server to take or change data as an area of major concern, and 22% felt phishing attacks were another significant worry. Despite this, a whopping 80% said they were confident in their school’s ability to protect students from online threats while in school.
>See also: Cyber criminals target schools
When you consider that over half (52%) of those surveyed said their school either doesn’t use, or they’re not aware of their school using, a system to monitor students’ activity on school owned IT devices, these figures simply do not stack up. And, as Government devolves more and more responsibility to schools, there is a real need to step up their security game.
Understanding the risk
In the case of online attacks, cyber criminals tend to either spread their net wide, or target specific sectors that appear vulnerable. In both cases, schools are in the line of fire, as years of stretched budgets and competing priorities have left many without the layers of protection needed to fend off today’s complex threats.
Schools are now expected to have a much better understanding of data held within their institution, how to keep it secure, and protect themselves from attack. There is also a greater emphasis on enabling teachers to transport sensitive data between workplaces (or home) so they can carry on working.
>See also: The cyber security skills gap in the UK: a multifaceted problem
With today’s ever-increasing cyber threats, it is extremely important that teachers and students are confident in their ability to access the internet in a safe and secure manner.
So how do we ensure our young people are protected and our schools remain safe from cyber attacks? It all starts with education.
Closing the void
Of the teachers we spoke to, 29% believe awareness of the need for data security is on the rise. This has been fuelled by a number of high profile security breaches. And, while awareness does need to be translated into action to make a real difference, it is a promising start.
The good news is, many of the fears raised by teachers can be addressed through basic cyber security training, and common attacks such as phishing can often be prevented if staff know what types of behaviours to look for.
In fact, 47% of teachers said additional training would help increase their confidence in their ability to protect students from online threats.
A further 43% felt more tools to monitor student activity at school would be beneficial. Both are relatively simple to implement, with the dual benefits of empowering teachers while protecting vulnerable students and school data.
>See also: Financial firms in NYC face stricter cyber security regulation
Developing rigorous online safety policies and procedures that link to existing school policies around behaviour, and ensuring all staff, students and parents are aware of these is a great place to start. These policies should be living documents. If they’re already in place, take the time to review them to ensure they’re still fit for your school.
Supporting these policies with digital tools such as anti-virus, encryption technology, and patch management, as well as ensuring all operating systems and software are up-to-date, will enable students and teachers to enjoy greater access to information without putting themselves or their school in danger.
You wouldn’t let strangers wander into your school, so why leave the door open online? By implementing appropriate filters and monitoring mechanisms alongside training and education today, schools can minimise the risk faced by children and young people while preparing themselves for the future. The steps may seem simple, but their impact is major. It’s time to school up on IT.
*Sophos surveyed head teachers, deputy head teachers, and other senior teachers including key stage leaders and assessment leaders
Sourced by Oliver Wells, Education Manager, Sophos