Cybercrime and Safeguarding in Schools

Sara Spinks 2 min read
Cybercrime and Safeguarding in Schools feature image

A recent report from the Parliamentary Office of Science and Technology (POST) highlights the urgent need for improved cybersecurity strategies in education. This article looks at the growing cyber threats in schools and the steps needed to protect young people.

Schools face a considerable threat from the rising tide of cybercrime, which impacts the organisation, students and staff. The increasing reliance on digital technologies in education raises serious safeguarding concerns regarding cyber threats, including phishing, ransomware, and identity theft.

Cybercriminals target schools for various reasons, including access to sensitive student data, financial fraud, and disruption of learning. Some of the most pressing threats include:

Phishing and Social Engineering Attacks
Staff and students are often targeted with fake emails or messages that can trick them into disclosing login credentials or downloading malware. These are the most prevalent forms of attack and can take down entire school networks.
Ransomware Attacks
Ransomware attacks, where hackers lock schools out of their own data and demand ransom to release it, are increasingly aimed at schools. The National Cyber Security Centre (NCSC) guidance warns that educational institutions are high-risk targets due to their reliance on digital records.
Data Breaches and Identity Theft
Student and staff data, including personal details and academic records, can be stolen and sold on the dark web. Poor password management and outdated security systems make schools vulnerable to such breaches.
Cyberbullying and Online Harms
Cyberbullying, online grooming, and exposure to harmful content also highlight safeguarding issues for schools beyond direct cybercrime. The Children’s Commissioner for England has repeatedly emphasised the need for stronger online safety measures in schools.

Challenges in Cybersecurity for Schools

  • Limited Cybersecurity Resources Many schools lack the in-house IT resources to monitor and protect against cyber threats. Due to limited budgets, they often operate with as few as one or two IT staff members serving several hundred students.
  • Lack of Cybersecurity Training Teachers and other school staff often lack familiarity with cyber hygiene best practices, such as identifying phishing emails and using multi-factor authentication. Human error is still a significant security threat, particularly if staff are not adequately trained.
  • Inadequate Legal Protection Cybercrime laws are often slow to adapt to emerging threats, leaving schools unsure of their legal obligations when responding to a data breach or cyberattack. The UK’s Online Safety Act aims to strengthen protections, but enforcement remains a challenge.

Schools can strengthen cyber safeguarding by implementing robust cybersecurity policies. Governance should establish clear cybersecurity protocols, including password policies, software updates, and access restrictions. The Department for Education (DfE) provides guidance on cybersecurity best practices.

Stronger digital safeguarding measures are essential. Schools should have strong filters and monitoring in place to block harmful content. The UK Safer Internet Centre offers a series of resources to assist with this.

Encouraging a cyber-safe culture is paramount. All school staff should receive regular training on recognising cyber threats. Organisations such as the National Cyber Security Centre (NCSC) offer free cybersecurity resources tailored for schools.

Educating pupils about online risks and how to be safe, including protecting their personal information and reporting any concerns, is also crucial. Education on digital literacy should form a core part of the curriculum.

Cybercrime is an increasing safeguarding concern for schools, threatening student safety, data security, and the continuity of learning. To protect young people, schools must prioritise cybersecurity training, implement strong digital safeguards, and stay informed about emerging threats. Collaboration with government agencies and cybersecurity organisations will ensure a safer digital environment for all.

Sara Spinks

SSS Author & Former Headteacher

2 April 2025

Related podcasts:

See all podcasts
Podcast thumnbail image
End-to-end encryption on Meta

02 Feb 2024, by Sam Preston & Sara Spinks

Podcast thumnbail image
Artificial Intelligence

26 Feb 2024, by Sam Preston & Sara Spinks

Podcast thumnbail image
Doxing

25 Mar 2024, by Sam Preston & Sara Spinks

Podcast thumnbail image
Cyber-flashing

08 Apr 2024, by Sam Preston & Sara Spinks

Related courses:

See all courses
GDPR Training for School & Academy Staff thumbnail image
GDPR Training for School & Academy Staff
E-Safety Training for School & Academy Staff thumbnail image
E-Safety Training for School & Academy Staff
E-Safety Refresher Training for School & Academy Staff thumbnail image
E-Safety Refresher Training for School & Academy Staff
GDPR - Refresher Training for School & Academy Staff thumbnail image
GDPR - Refresher Training for School & Academy Staff

Related articles

Safeguarding Top Tips for Governance
Essential tips for those in governance roles

by Sam Preston
SSS Learning Safeguarding Director

20 March 2023

named safeguarding governor
New to the Named Safeguarding Governor Role? Here's what you need to know.

by Sam Preston
SSS Learning Safeguarding Director

23 January 2023

image of a keyboard and hazard signs
Safer Internet Day 2025

by SSS Learning

10 February 2025

Teenager stressed at home during holiday
Ensuring effective safeguarding before, during and after school holidays

by Sam Preston
SSS Learning Safeguarding Director

18 November 2024

catfishing man on a pc
Conviction of Alexander McCartney the 'world's worst catfish'

by Sam Preston
SSS Learning Safeguarding Director

30 October 2024

digital data graphic
Safeguarding young people - the digital age & rise of online ideologies

by Sam Preston
SSS Learning Safeguarding Director

21 October 2024