The main benefit of multi-factor authentication (MFA) is that it significantly enhances your organisation's security by requiring users to verify their identity using more than just a username and password.
InfoSec / Cyber
🔒 World Password Day 2026
Keeping your organisation secure in a changing authentication landscape
The Cyber Security Breaches Survey 2025/2026 was published on 30t April 2026 by DSIT and the Home Office. We outline the current threat picture for schools.
Did you know there is an increase in cyber attacks on a long weekend? Long weekends and holidays are 'peak season' for hackers who exploit reduced oversight.
On March 11, threat actors breached Stryker's network via a unique cyber attack - while the data was removed and then devices wipes, the method of entry into Stryker's network is key to improving your own cyber resilience.
The SEROCU (South East Organised Crime Unit) has advised schools across Surrey and Sussex to be aware of a rise in M365 phishing emails.
Finding the right IT partner and support provider is a big decision. Due diligence for IT Support isn't just about who can 'fix computers', it's about ensuring standards are followed and they work with you to meet your organisation's strategy. Data Protection Education has a DfE IT Support Tracker and Supplier Due Diligence Directory to provide support and guidance as well as tracking your progress.
The Government Cyber Action Plan, published in January 2026, sets out a radical shift in how the UK public sector manages cyber security and digital resilience. It moves away from fragmented, siloed defences toward a "Defend as One" model led by a new Government Cyber Unit within the Department for Science, Innovation and Technology (DSIT).
We're sharing some small snippets over Christmas to share with staff. Please feel free to share the link to this short news article or follow us over on our social media channels where we share additional help and advice - we'd love to see you there!
The DfE Technology in Schools survey: 2024 to 2025 was published this week. We give our views on the results:
Several London councils are believed to have been targeted in cyber attacks within the past few days, including Hammersmith, who were previously attacked in 2020.
The government has announced an additional Digital Standard to help with planning, commissioning and reviewing their IT support services. The services can be internal, external or a hybrid. Effective IT support is essential for maintaining technology, planning improvements and mitigating risks like outages and cyber incidents, and sits alongside the other 11 standards.
- October 31. On the road to improving cyber resilience
- October 30. Cyber Support
- October 29. Admin Controls & Accounts
- October 28. Phishing: Don't Take the Bait!
- October 27. Passwords
- October 26. Physical Security of Digital Assets
- October 25. Server Security: Protecting Your Digital Core
- October 24. Backups: Your Recovery Safety Net
- October 23. Filtering and Monitoring
- October 22. Hardware: Printers
- October 21. Hardware: Asset Management
- October 20. Hardware: Safe disposal
- October 19. Anti-virus/anti-malware
- October 18. Regular Updates: Patching Against Threats
- October 17. Access Control: Managing User Privileges
- October 16. Access Control: Securing Your Digital Gateways (Wi-Fi & Networks)
- October 15. Access Control: Securing Your Home Office (Working From Home)
- October 14. Access Control : (Multi-factor authentication)
- October 13. Cyber Security Awareness
- October 12. Training: Empowering your human firewall
- October 11. Policies and Procedures: Cyber Blueprint
- October 10. Understanding Your Cyber Posture
- Time's Ticking: Windows 10 support ends in October 2025!
- October 9. A Guide for Education Providers
- October 8. How Can Your Organisation Prevent Ransomware Attacks?
- October 7: Under Attack: The Reality of Ransomware
- October 6: Cyber Action Plan and A Roadmap to Resilience
- October 5: Cyber Responsibilities - We're All in This Together
- October 4: When a Cyber Attack Hits
- October 3: Data Security, the Core of Protection
- October 2: Privacy Protection & Safeguarding Personal Data
- October 1: Welcome to Cyber Security Awareness Month!
- Nursery Cyber attack
- The NCSC Cyber Assessment Framework
- The Classroom's Dark Side: Cyber crime from the Classroom
- The Latest Cyber Threat: The "Murky Panda"
- Social engineering + impersonation = Fraud ≡ cyber deception
- School cyber attack: Framlingham College, Suffolk
- Getting caught in the Scattered Spider web
- A Wake-Up Call for Cyber Vigilance - Danger in the Threat Landscape for Everyone
- Apple removes its highest level data security tool from UK customers
- The role of Passkeys in Cyber Resilience and Cyber Security
- Effectively communicating during a cyber incident
- Safeguarding Identity in Microsoft 365: Protecting the UK Education Sector Against Cyber Threats
- How does the recent global IT outage affect me?
- King's speech introduces new bills in relation to cyber security, smart data and digital information
- What's a Cyber Incident and what should we do?
- Free short cyber training for staff
- Children's mental health data leaked after a cyber attack
- Cyber Incident Review: The Benefits
- Cyber attack on a University
- Kent Councils Data Breach
- Phishing attacks targeting schools - alert from City of London Police
- Update on Advisory for Rhysida Ransomware
- The Crime in a Cyber Attack and a Data Breach
- NCSC Annual Review is published for 2023
- Learning from Data Breaches
- Windows 11 security ineffective against attacks on old devices
- International Counter Ransomware Initiative 2023 Joint Statement
- Top Ten Cyber Security Misconfigurations
- ICO Reprimand: company suffered a ransomware attack
- The UK Online Safety Bill becomes an Act (Law)
- The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
- Ransomware, extortion and the cyber crime ecosystem
- Cyber Resource: The Cyber Resilience Centre Group
- Email and Security: ICO recent guidance
- What to do in the event of a Cyber Attack
- Cyber Crime: AI Generated Phishing Attacks
- Cyber Attack: Exam Boards
- VICE SOCIETY - Ransomware attacks on schools
- Be Cyber Aware: USB Sticks
- Cyber Insurance in the Public Sector
- Types of Cyber Attacks: DDos Attack (Microsoft DDoS Attack in June)
- Cyber Attack: Leytonstone School
- Be Cyber Aware: Firewalls
- Be Cyber Aware: Cyber attacks and transparency. A no blame culture
- Cyber Attack: Dorchester School
- Types of Cyber Attacks: Password Attacks
- Be Cyber Aware: Why regular software updates are important
- Cyber Attack: Wiltshire School
- Keeping your IT systems safe and secure
- Why we recommend using PIN codes on printers
- Types of Cyber Attacks: DDoS Attacks
- Types of Cyber Attacks: Phishing
- Types of Cyber Attacks: The Insider Threat
- Why your data is profitable to cyber criminals
- Types of malware and how they are linked to data protection
- How a school fought back after a cyberattack
- Types of Cyber Attacks - Credential Stuffing
- January Cyber update - How Can Schools Help Prevent Cyber Attacks?
- The Education sector now at highest risk of cyber attacks
- Cyber Attacks
- Emails – good practice and minimising the risk of a data breach
©2025 Data Protection Education Ltd.