General News

The NCSC 2022 Annual Review - What does this mean for schools?

What does the NCSC 2022 Annual Review, published this week, mean for schools? It’s been a busy year for education already with school budgets hit by unplanned teacher pay rises and doubling energy bills all before the end of the first term.  It is hard to fathom or think about how the conflict between Russia and Ukraine, being fought thousands of miles away, can be another influence.  The Rt Hon Oliver Dowden CBE MP says “that war extends to all fronts, including cyberspace. New data shows the UK is the third most targeted country for cyber attacks, behind only the USA and Ukraine”.  Sir Jeremy Fleming, Director GCHQ said in his foreword in the annual report that “We must be able to trust the systems that connect us, that enrich our lives economically and socially.  And that means that cyber security matters to everyone”.

We all know that schools are under funded in terms of staff and technology so how can they protect themselves and how can they afford to with current budget constraints?

The report discusses all of the different types of cyber attacks that we see, and most of us all know someone that has been a victim of cyber crime, phishing or malware.  However, technology standards are also very important in protecting our systems and data.  The current internet relies on protocols designed by its founders in the 1960s and 1970s.  It reflects the vision of technologists who did not want centralised control, and who set out to design an architecture that was open, resilient and neutral.  Many schools suffer from aging technology which increases the risk to data loss and systems vulnerability.

Ways that schools can start to protect themselves are in the area of procedures and policies that are not necessarily so device dependent, such as multi factor authentication for logging in to systems. Dr Ian Levey, Chief Technology Officer, gives two minutes of advice around using multi factor authentication and how the technology ecosystem needs to change.

Providing ongoing support and training for staff so that they can recognise attempted cyber attacks go a long way to protecting school systems when the biggest vulnerability is often the ‘insider threat’.

Growing the Next Generation of Cyber Security Professionals

While schools may struggle to ensure they are cyber secure and resilient, they have a role in growing the next generation of cyber security professionals.  The NCSC has done a lot of work this year with education to try to plug the gap in the shortage of cyber professionals:

“The CyberFirst Schools & Colleges scheme, which recognises academic centres for excellence in cyber security education, saw eight more establishments join the fold this year. The schools and colleges received CyberFirst status for delivering first-rate technology and cyber security teaching in and out of the classroom.  Since the initiative launched in 2020, 57 CyberFirst Schools and Colleges have been recognised for their excellence in developing cyber skills ecosystems around the country and addressing the industry’s cyber skills gap. “

The NCSC provide a KS3 Cyber teaching resource where students learn how digital and technology skills play a part in career opportunities.  The platform also heightens student awareness around online safety and encourages broader thinking around how to make better choices.

“The Cyber Explorers teaching resources – part of the CyberFirst family of schemes - were brought together in an interactive cyber security learning platform being rolled out across UK secondary schools this year. After being launched in 2021 the NCSC’s CyberSprinters video game for 7-11 year olds was updated this year with new stories and features. The game, which introduces players to cyber security, is supported by a suite of resources for teachers but can be played without supervision.”

We recommend visiting their website for staff training, technology standards advice and practical cyber security toolkits and help for schools. The full report can be found on the NCSC website :


Photo by Muha Ajjan on Unsplash