The rollout of a new cyber security tool to help schools “safeguard their pupils’ education” amid rising hack attacks has been delayed by over a year and a half.
And it is still not known when the ‘Cyber Secure’ tool will be launched.
Following a spate of high-profile cyber-attacks, the Department for Education (DfE) piloted the application in schools between September and November 2021. It intended to launch the scheme nationally in January 2022.
However, the DfE told Schools Week: “Pilots of this nature take time to develop and this was delayed due to the ongoing impact of the Covid-19 pandemic.”
Its launched was pushed back until “the start” of this academic year. However, three weeks into term there is still no sign of it.
The DfE added that, since announcing the scheme two years ago, it had “reiterated and tested the content alongside cyber-security experts to ensure sufficient subject coverage to increase resilience within school environments.”
The free and anonymous self-assessment tool allows schools to assess their cyber-security measures through a grading system of 0 to 5.
A freedom of information (FOI) response on the results of the pilot – in which 50 schools were asked to review the tool – showed views were mixed.
One school told the department it would be “lucky if anyone bothers after seeing what it involves” due to staff already being “overworked”.
School responses led to cyber security tool changes
Another school said it “didn’t like anything about it”, adding that the tool was a “complete waste of time”.
However, the responses led to “several iterations and changes”.
The tool was first announced by schools minister Nick Gibb in May 2021, when he revealed the sector was struck by more than 70 ransomware attacks during the pandemic.
He said the tool would “enable schools to assess their cyber security, helping school leaders and staff safeguard their pupils’ education”.
A government-commissioned survey carried out between September and January found education institutions were more likely to have identified cyber breaches or attacks in the past year than the average UK business.
The survey of 241 primaries and 217 secondaries by market research firm Ipsos found 41 per cent of primaries and 63 per cent of secondaries had identified breaches or attacks in the past 12 months. This compared with 32 per cent of 2,263 surveyed businesses.