• 0800 0862018
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Mon - Fri 8:00 - 17:00

InfoSec / Cyber

The word cyber insurance in blue on a computer screen with a finger pointing at it

Cyber Insurance in the Public Sector

This article is about cyber insurance in the public sector, particularly in relation to schools.  Cyber insurance is a special type of insurance intended to protect businesses from internet-based risks, and more generally risks relating to information technology infrastructure and activities.  It is also known as cyber liability insurance or cyber risk insurance. 
It is an insurance coverage that helps protect individuals, businesses and organisations from financial losses or liabilities resulting from cyber attacks or cyber breaches. It provides coverage for expenses relating to managing and recovering from cyber incidents, such as investigation costs, legal fees, notification and credit monitoring services for affected individuals, public relations efforts, and financial losses due to business interruption.

Cyber insurance should not be seen as a substitute for implementing robust cyber security measures.  Please visit our Information & cyber security best practice library for support and guidance with information and cyber security.  Cyber insurance should be seen as an additional layer of protection that can help schools/businesses manage the financial risks associated with cyber incidents.

The NCSC provides NCSC Cyber Insurance Guidance, which explains what cyber insurance is and how to view what your organisation may need, along with considerations about what the policy might contain/cover.

Cyber Insurance for Schools

Since September 2014 there has been an alternative to traditional types of insurance cover for schools called the Risk Protection Arrangement (RPA).  It was introduced following the publication of an independent analysis which showed it would be cheaper for academy trusts if the UK Government covered risks instead of commercial insurers.  From 1st April 202, the scheme expanded so local authority maintained schools were able to join.

Following a pilot scheme, cover for cyber security incidents has been added to the threats covered.  Cyber cover is now included if a school meets all of the following conditions:

1. Have offline backups.
2. All employees or governors must undertake National Cyber Security Centre (NCSC) Cyber Security Training : Cyber security training for school staff
3. Register with Police CyberAlarm - please note this is register, you don't have to install and set it up.
4. Have a Cyber Response Plan in place.

Further information about the cyber cover provided by the Government can be found: Cyber Cover and the Risk Protection Arrangement (RPA).

From September 2022, cyber cover for all RPA members will include:

- increased cost of working for up to 90 days.
- an incident response service.
- dedicated 14/7/365 cyber incident breach response hotline and email.
- restoration, remediation, and ongoing monitoring for cyber incidents.

GAD worked with the government during the setting up of the cyber cover: Cyber incident cover for schools.

Computing recently published article about why cyber cover is no longer attractive for insurers and that public sector cannot afford it at the Cybersecurity Festival.

There has been an increase in both rising costs and increased payouts which have sent premiums soaring over the last 12 months.

Consider having a Cyber Response Plan and a Business Continuity Plan so that if things do go wrong you can be prepared.  A cyber attack can cost thousands of pounds in recovery of systems alone.  Review Data Protection Education's How to avoid a data breach: Information and Cyber Security and Introduction to Risk Management training courses.

If you are a trust, federation or group of schools, consider obtaining your Cyber Essentials accreditation using our Cyber Essentials Guidance. Cyber Essentials is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.

What to do in the event of a cyber attack?

Tell someone!  Report to IT. Report to SLT. 

Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off.

If you are a victim of a ransomware attack we would recommend reporting this to Action Fraud: https://www.actionfraud.police.uk/ as well as your data protection officer so they can advise about the data loss.  Most cyber crimes like these will also need to be reported to the ICO by your data protection officer.

Isolate the infected device and pass to IT 

Always ensure there are backups you can restore from.

Little Guide to ACTION FRAUD