The main benefit of multi-factor authentication (MFA) is that it significantly enhances your organisation's security by requiring users to verify their identity using more than just a username and password.
All News
🔒 World Password Day 2026
Keeping your organisation secure in a changing authentication landscape
The Cyber Security Breaches Survey 2025/2026 was published on 30t April 2026 by DSIT and the Home Office. We outline the current threat picture for schools.
🔄☁️ Having a robust backup is being prepared against data loss and data theft. March 31st is World Backup day to remind everyone of the importance of having a robust and accessible backup.
Did you know there is an increase in cyber attacks on a long weekend? Long weekends and holidays are 'peak season' for hackers who exploit reduced oversight.
On March 11, threat actors breached Stryker's network via a unique cyber attack - while the data was removed and then devices wipes, the method of entry into Stryker's network is key to improving your own cyber resilience.
📢📢 Come and register for our new Data Protection Education webinars for 2026!
The SEROCU (South East Organised Crime Unit) has advised schools across Surrey and Sussex to be aware of a rise in M365 phishing emails.
Finding the right IT partner and support provider is a big decision. Due diligence for IT Support isn't just about who can 'fix computers', it's about ensuring standards are followed and they work with you to meet your organisation's strategy. Data Protection Education has a DfE IT Support Tracker and Supplier Due Diligence Directory to provide support and guidance as well as tracking your progress.
The Government Cyber Action Plan, published in January 2026, sets out a radical shift in how the UK public sector manages cyber security and digital resilience. It moves away from fragmented, siloed defences toward a "Defend as One" model led by a new Government Cyber Unit within the Department for Science, Innovation and Technology (DSIT).
We're sharing some small snippets over Christmas to share with staff. Please feel free to share the link to this short news article or follow us over on our social media channels where we share additional help and advice - we'd love to see you there!
The DfE Technology in Schools survey: 2024 to 2025 was published this week. We give our views on the results:
- Four London councils hit by cyber attacks - Hackney, Westminster, Kensington & Chelsea, and Hammersmith & Fulham
- IT Support Standards for Schools and Colleges Guidance (DfE Digital Standards)
- October 31. On the road to improving cyber resilience
- October 30. Cyber Support
- October 29. Admin Controls & Accounts
- October 28. Phishing: Don't Take the Bait!
- October 27. Passwords
- October 26. Physical Security of Digital Assets
- October 25. Server Security: Protecting Your Digital Core
- October 24. Backups: Your Recovery Safety Net
- October 23. Filtering and Monitoring
- October 22. Hardware: Printers
- October 21. Hardware: Asset Management
- October 20. Hardware: Safe disposal
- October 19. Anti-virus/anti-malware
- October 18. Regular Updates: Patching Against Threats
- October 17. Access Control: Managing User Privileges
- October 16. Access Control: Securing Your Digital Gateways (Wi-Fi & Networks)
- October 15. Access Control: Securing Your Home Office (Working From Home)
- October 14. Access Control : (Multi-factor authentication)
- October 13. Cyber Security Awareness
- October 12. Training: Empowering your human firewall
- October 11. Policies and Procedures: Cyber Blueprint
- October 10. Understanding Your Cyber Posture
- Time's Ticking: Windows 10 support ends in October 2025!
- October 9. A Guide for Education Providers
- October 8. How Can Your Organisation Prevent Ransomware Attacks?
- October 7: Under Attack: The Reality of Ransomware
- October 6: Cyber Action Plan and A Roadmap to Resilience
- October 5: Cyber Responsibilities - We're All in This Together
- October 4: When a Cyber Attack Hits
- October 3: Data Security, the Core of Protection
- October 2: Privacy Protection & Safeguarding Personal Data
- October 1: Welcome to Cyber Security Awareness Month!
- Nursery Cyber attack
- The NCSC Cyber Assessment Framework
- Fraud awareness from the DfE
- The Classroom's Dark Side: Cyber crime from the Classroom
- KCSIE 2025: Data Protection, AI, and Cyber Security
- New e-learning for 2025
- The Latest Cyber Threat: The "Murky Panda"
- Building a Secure School: Using the ICO Accountability Framework to Meet DfE Digital Standards
- Digital Safeguarding: DfE announces statutory DfE Digital Standards
- Compliance Reporting from the Knowledge Bank
- Social engineering + impersonation = Fraud ≡ cyber deception
- Data Breaches 2025 Report Highlights
- School cyber attack: Framlingham College, Suffolk
- Getting caught in the Scattered Spider web
- A Wake-Up Call for Cyber Vigilance - Danger in the Threat Landscape for Everyone
- Social Media and Marketing Guidelines and Training
- New Governor Resources
- Apple removes its highest level data security tool from UK customers
- Safer Internet Day, Cyber Security & Data Protection
- The Cyber Resilience Championship
- The Multiple Dimensions of Supplier Due Diligence
- Blacon High School Cyber Attack
- The role of Passkeys in Cyber Resilience and Cyber Security
- What the proposed Government legislative proposal around cyber crime means
- Effectively communicating during a cyber incident
- Safeguarding Identity in Microsoft 365: Protecting the UK Education Sector Against Cyber Threats
- Cyber Security Best Practice Area
- DfE Digital Standards for Schools and Colleges Tracker
- New Policies, Documents, Letters and Posters page
- Schools and Trusts Best Practice Area
- The DPE Retention Schedule
- Making the Rounds Update (now includes reporting)
- How does the recent global IT outage affect me?
- King's speech introduces new bills in relation to cyber security, smart data and digital information
- Out of date technology
- What's a Cyber Incident and what should we do?
- Cyber attack on a school during half term
- Free short cyber training for staff
- The rise of cyber attacks in schools are causing pupils to miss classes
- ICO: Learning from the mistakes of others report
- Children's mental health data leaked after a cyber attack
- Cyber attack on a Trust; the aftermath
- Social Media Best Practice Area
- Lettings Best Practice Area
- MFA Bombing - What is it?
- Product Focus on Checklists : Initial Trust Plan
- Product Focus on Checklists : Information and Cyber Security
- Product Focus on Checklists : End of Term Checklist
- Product Focus on Checklists : Social Media
- Cyber Incident Review: The Benefits
- Product Focus on Checklists : Lettings
- Product Focus on Checklists : Record of Processing
- Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
- Product Focus on Checklists : Data Retention and Destruction
- Product Focus on Checklists : Data Migration
- Product Focus on Checklists : Biometrics
- Product Focus on Checklists : Supplier Due Diligence
- Free Cyber help, advice and training with the Cyber Resilience Centres
- The Perils of Paper: The Printing Vulnerability
- Product Focus on Checklists : FOI
- Product Focus on Checklists : Governors and Data
- Product Focus on Checklists : DPIA
- Product Focus on Checklists : Site Moves
- Product Focus on Checklists : Data Breaches
- Product Focus on Checklists : Subject Access Requests
- Cyber attack on a University
- Product Focus on Checklists : Bring your own device
- Product Focus on Checklists : Working out of school/offsite
- Cyber Attack on a School
- Product Focus on Checklists : Redaction
- Product Focus on Checklists : CCTV
- Product Focus on Checklists : Clear desk
- Product Focus on Checklists : Commitment to compliance
- Product Focus on Checklists : Photos and video
- Product Focus on Checklists : Passwords
- Product Focus on Checklists : Information Classification
- Kent Councils Data Breach
- Free cyber training for staff
- DfE Digital Standards Update
- Where is your data stored?
- Phishing attacks targeting schools - alert from City of London Police
- The ICO reprimands a Multi Academy Trust
- CISA and UK NCSC Announce Joint Guidelines for Secure AI System Development
- Trust Initial Plan Checklist Update
- Update on Advisory for Rhysida Ransomware
- Records Management Best Practice Update
- The Crime in a Cyber Attack and a Data Breach
- NCSC Annual Review is published for 2023
- Learning from Data Breaches
- Windows 11 security ineffective against attacks on old devices
- Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
- International Counter Ransomware Initiative 2023 Joint Statement
- Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
- Top Ten Cyber Security Misconfigurations
- ICO Reprimand: company suffered a ransomware attack
- The UK Online Safety Bill becomes an Act (Law)
- The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
- Ransomware, extortion and the cyber crime ecosystem
- Cyber Resource: The Cyber Resilience Centre Group
- Email and Security: ICO recent guidance
- Help after a Cyber Attack/Incident
- What to do in the event of a Cyber Attack
- How KCSIE is linked to Cyber Strategy
- Cyber Crime: AI Generated Phishing Attacks
- Cyber Attack: Exam Boards
- VICE SOCIETY - Ransomware attacks on schools
- Using Tags if you are a group of organisations in the DPE Knowledge Bank
- Where's Harry the Hacker?
- Be Cyber Aware: USB Sticks
- Cyber Insurance in the Public Sector
- Types of Cyber Attacks: DDos Attack (Microsoft DDoS Attack in June)
- Cyber Attack: Leytonstone School
- Be Cyber Aware: Firewalls
- Be Cyber Aware: Cyber attacks and transparency. A no blame culture
- Cyber Attack: Dorchester School
- Knowledge Bank Role Types: Admin, Staff and Trustee
- Types of Cyber Attacks: Password Attacks
- Be Cyber Aware: Why regular software updates are important
- Cyber Attack: Wiltshire School
- Keeping your IT systems safe and secure
- Why we recommend using PIN codes on printers
- Types of Cyber Attacks: DDoS Attacks
- Types of Cyber Attacks: Phishing
- Redaction Guidelines Updated
- Types of Cyber Attacks: The Insider Threat
- Why your data is profitable to cyber criminals
- Using WhatsApp in Schools
- Knowledge Bank Updates
- Types of malware and how they are linked to data protection
- Windows Server 2012 & 2012 R2 Retirement
- How to contact us for support, subject access requests, data breaches and FOI's
- How a school fought back after a cyberattack
- Types of Cyber Attacks - Credential Stuffing
- January Cyber update - How Can Schools Help Prevent Cyber Attacks?
- Assigning courses to staff using to-dos
- The Education sector now at highest risk of cyber attacks
- Cyber Attacks
- Best Practice for Managing Photos and Video
- Compliance Manager released
- Emails – good practice and minimising the risk of a data breach
©2025 Data Protection Education Ltd.