Research published by the DfE found that 39 percent of UK businesses had identified breaches or cyberattacks in the past 12 months. However, when it came to education and training institutions the numbers were much higher: 70 per cent for secondary schools, 88 per cent of further education colleges and 92 per cent of higher education institutions have fallen prey to such attacks.
Colleges and other FE providers store large amounts of sensitive data, including student and staff information, which makes them prime targets for cyber criminals. If left unprotected, this data could be exploited for financial gain or other malicious purposes.
Cyber criminals use social engineering to convince people to open attachments or click on links. No matter what technology you put in place, some users will still fall victim. In essence, this means that the biggest cyber security threat within any organisation is its own staff.
Colleges and training providers often invest in the latest technology to combat cyber criminals, but at Kirklees College, we felt that we needed to go further and significantly reduce the chance of falling victim to a breach.
We decided to offer cyber security continuous professional development (CPD) to all staff and cyber security qualifications to our adult students, which we started to roll out in June 2022.
It’s important to recognise that cyber security is not just a concern for the IT department, but for everyone within the college; from 16- to 18-year-old students who spend a significant amount of time online to adult students who may be less tech-savvy, it is essential to educate and prepare our community for the risks they face.
We chose Gateway Qualifications because their cyber security qualifications are fully resourced, which is important: lecturers and support staff are often time-poor and cyber security may not be their specialist subject.
Students were encouraged to take up the qualification and the feedback has been overwhelmingly positive. Many have found that their brand-new knowledge has been implementable in both their personal and professional lives, such as recognising potential bank fraud and spotting suspicious email addresses.
Every day, we are exposed to phishing scams, identity theft, unsecured Wi-Fi networks, unsafe devices, viruses, unsecured websites and social engineering, as well as the challenges of cyberbullying and online radicalisation. Learners and staff need support in navigating these risks.
By implementing cyber security training and qualifications for both staff and students, we are equipping our community with the necessary skills and knowledge to stay safe online and I would recommend this to any organisation.
While I appreciate that not every organisation will be able to implement training across the board like we have, it’s important to recognise that as the world becomes increasingly digital with more people working from home and more sensitive services like banking and health going online, individuals need to be proactive in protecting themselves from cyber threats. Education is central to building cyber security best practices.
There are numerous resources available to individuals looking to learn more about cyber security. The National Cyber Security Centre (NCSC) offers a wealth of resources and advice. Their Cyber Aware campaign is a great starting point for individuals looking to improve their cyber security knowledge.
Having said that, cyber security should be a priority for all training and education institutions and I am proud to be a part of a college that takes it seriously.
Recently, we worked closely with Ofsted inspectors in a consultancy capacity, and they were very interested in our cyber security practices. They were reflective and highly praised our efforts in the area. It was a great validation of the hard work we have done to prioritise the safety and security of our students and staff.
Education is our best bet when it comes to cyber security. As educators, it is not enough to rely solely on technology to protect us. By investing more in the thing we do best, we can bring education to bear on this growing threat. Cyber security training is key to empowering our students and staff to take proactive steps to protect themselves, their data and our organisations.