Cyber Security Schools Audit reveals urgent issues facing schools nationwide


  • 78% of schools fell victim to at least one type of cyber incident in 2022 – with 7% experiencing significant disruption as a result
  • 21% suffered a malware and/or ransomware attack and 18% faced periods with no access to important information
  • 26% had not implemented multifactor authentication to safeguard important accounts
  • 25% continued to allow limited staff access to USBs that can compromise systems through infections from computer viruses, malware and spyware
  • 4% had no back up facilities
  • 6 schools reported a parent losing money due to a cyber incident.

Top three attack vectors used by criminals:

  1. Phishing – fraudulent emails from attackers used to deceive staff into revealing sensitive information
  2. Spoofing – where attackers impersonate someone else to gain a victim’s confidence, access to a system, steal data, or spread malware
  3. Malicious software including:
  • Malware – used to disrupt or gain access to systems
  • Viruses – programs that when executed replicate themselves by modifying other computer programs and inserting their own code
  • Ransomware – designed to block access to a computer system until a sum of money is paid.

Schools continue to remain at particular risk from cyber criminals and must demonstrate vigilance, says the National Cyber Security Centre (NCSC, part of GCHQ) and edtech charity LGfL-The National Grid for Learning (LGfL), which today published their Cyber Security Schools Audit 2022 of UK schools nationwide.  The report can be downloaded here

Given the global shortage of skilled, experienced cybersecurity professionals, even large corporations struggle to recruit qualified staff. According to Mark Bentley, Cybersecurity Lead at LGfL, “For cash-strapped schools – rightly focussed on teaching and learning and keeping children safe – recruiting qualified staff is both a significant challenge and an additional expense – this is why LGfL and partners, which include some of the world’s largest security providers, have published an additional report that includes further analysis and important next steps for schools, also available at”


However, the audit did reveal that schools are wising up to the cyber threats they face:


  • 53% of the schools reported they felt prepared for a cyber-attack (compared to 49% in 2019)
  • Awareness of phishing in schools has increased from 69% in 2019 to 73% in 2022
  • 55% (compared to 35% in 2019) implemented staff training for non-IT staff
  • 49% (compared to 41% in 2019) have included their core IT services in a risk register or business continuity plan
  • 90% (compared to 33% in 2019) have at least one of the following – a cybersecurity register, risk register, or business continuity plan.


Sarah Lyons, NCSC Deputy Director for Economy and Society said, “Our schools rely so much on the myriad of data required to run efficiently – including sensitive data on students, parents, governors and staff – therefore more work must be done to support the cyber security around these essential services. That’s why the National Cyber Security Centre has been working with schools and the education sector to provide free tools and guidance to help schools manage their cyber risks effectively and supporting them to keep this valuable information safe.”


Concluding, Mark Bentley, said, “Cybersecurity can sometimes feel like a Rubik’s cube that changes its colours just as you are on the verge of solving it. Every week seems to bring new threats and make the list of ‘vital steps to stay protected’ grow even longer! But as with any complex issue, you can do a lot to manage and mitigate cybersecurity risks and this report is helping us to shape the support needed so that schools can do just that.”