Secure your school, protect your students.
Cyber security for schools and Multi-Academy Trusts. DfE standards compliance, KCSIE-compliant filtering, Cyber Essentials certification, and staff training -- all built around the school calendar.
Meeting DfE Cyber Standards
The Department for Education has published cyber security standards that all schools and trusts are expected to meet. These cover areas including access control, network security, data protection, incident response, and staff awareness. Ofsted is increasingly aware of these standards during inspections.
We assess your school against the DfE standards, identify gaps, and implement the changes needed to comply. For Multi-Academy Trusts, we provide a consistent approach across all schools in the trust with centralised reporting for the board.
Filtering & Monitoring
Keeping Children Safe in Education requires schools to have appropriate filtering and monitoring systems in place. These must be able to block harmful content, detect concerning search behaviour, and generate alerts for the Designated Safeguarding Lead.
We deploy and manage filtering and monitoring solutions that meet KCSIE requirements without blocking legitimate educational content. Policies are age-appropriate, reviewed regularly, and adjusted based on safeguarding feedback from your DSL.
Cyber Essentials for Schools
The DfE recommends Cyber Essentials certification for all schools, and it is becoming a requirement for many academy trusts and local authority contracts. As an IASME-accredited Certification Body, we assess and certify schools in-house with full understanding of the education context.
School environments present specific challenges for Cyber Essentials -- BYOD policies, shared devices, complex network segmentation, and legacy MIS systems. We know how to scope the assessment appropriately and guide you through remediation.
Incident Response for Schools
Schools are prime targets for ransomware and phishing attacks. When an incident occurs, the priority is getting students back to learning as quickly as possible while preserving evidence and meeting notification requirements.
We provide incident response planning and, when needed, hands-on response capability. Our plans are tailored to school operations -- covering term-time vs holiday scenarios, exam period protections, and communication templates for parents and governors.
Staff Cyber Awareness Training
Teaching and admin staff are the front line of school cyber security. Phishing emails targeting school finance teams, credential theft through fake login pages, and social engineering calls claiming to be from the local authority are all common attack vectors in education.
Our training programme is designed for school staff: short sessions that fit into INSET days or twilight CPD, practical advice relevant to the school context, and simulated phishing to test and reinforce learning.