Succeeding as a teacher means more than mastering what and how to teach. Obtaining a deep knowledge of the subject matter and how to apply it is only the prelude to a life spent on a classroom stage, fighting to engage the attention of students on the topic at hand and away from the temptation to talk, heckle or engage in undefined but ill-disguised mischief. In an increasingly digitised learning environment, that also means relying on technology to conjure up whiteboards, slideshows, videos and learning exercises, using systems at times complex, confusing or, in the case of a growing number of schools inaccessible thanks to ransomware.
The rising tide of cybercrime has also come during tectonic change for the education system in England and Wales. For more than 50 years run through local education authorities, since the passage of the Academies Act 2010, a growing number of schools have now converted to ‘academy’ status and are operated by multi-academy trusts (MATs). Over half of all secondary school students in England are now educated in over 2,700 MATs, with the Department for Education aiming to bring all pupils under the umbrella of these organisations within the next few years.
As Sophos’s new white paper, ‘Cybersecurity for Multi-Academy Trusts in England’ explains, however, protecting MATs is anything but easy. While there are advantages in resource allocation in organising academies in this way, the sector as a whole has yet to shake off its reputation for being digital laggards. IT departments often struggle to recruit new members, while those that they do almost never have time to proactively hunt anomalies and threats within school networks. Teachers, too, are often too busy trying to teach to notice attempts by hackers to worm their way into the school’s computer systems.
Ransomware risks
The result has been increased exposure to ransomware across the sector. The shift to online learning at the start of the pandemic saw a massive increase in cybersecurity concerns among IT professionals in the education sector, with 74% reporting to a Sophos survey in 2021 that their workloads had markedly increased over the previous year. Resources are stretched so thin that IT departments often fail to spot the first signs that an attempt by cybercriminals to hold the MAT to ransom is in progress. As a result, academy trusts often pay ransoms to unlock their systems rather than find alternative ways to recover their data – although only 11%, according to one recent survey, succeeded in getting all that data back.
As more MATs are rolled out across England, it is incumbent on headteachers and IT departments to carefully consider how and where their networks are exposed to exploitation by cybercriminals. Legacy systems, for example, must be carefully monitored, while increased training must be provided for teachers and other members of staff to spot the first signs of a breach. And although more MATs are centralising their IT departments into teams responsible for several schools, those at the top of the organisation must remember to adequately resource these teams, lest their workload spiral out of control.
What MATs can do next
Amid the general crisis in ransomware roiling the public and private sectors alike, MATs are increasingly reaching out to managed service providers to obtain the kind of early warning of attempted breaches that the sector has, by and large, lacked until now. As the white paper explains, Sophos’s managed threat response (MTR) service is ideal in this respect, affording schools access to a team of cybersecurity professionals using state-of-the-art AI tools to monitor networks 24/7 for suspicious activity and, if necessary, suppress it.
Indeed, relying on such a team allows schools to maintain high levels of cybersecurity at all times of the year – even during weekends and school holidays. By minimising security incidents in this way, Sophos aims to grant headteachers peace of mind and keep those systems that are increasingly important to the well-being and education of students up and running constantly.