The Department for Education (DfE) has more than quadrupled the annual number of its staff receiving cybersecurity training, a freedom of information request has revealed.
The DfE revealed it has significantly boosted funding in cybersecurity training, from just under £2,000 per annum in 2019/20, to nearly £32,000 the following year. The uplift in spending brought the number of courses on offer to DfE staff from four to 44; in the year to April 2021, more than 30,000 department staff received cybersecurity training, up from just 7,000 the year before.
The figures obtained by the think tank Parliament Street were released on 23 September. The majority of the DfE course attendees completed a series of entry-level cybersecurity e-learning sessions, including a simulated cyber-attack course with remedial phishing training.
Many of the courses were delivered through the Civil Service Learning programme or carried out using internal DfE tools and resources, meaning the investment was significantly lower than the scale of training delivered. The spending goes on 17 specialised training courses and exams for some of its staffers, including on information systems, security risk management and Microsoft 365.
Qualifications offered to staffers include the SABSA Chartered Security Architect Foundation Certificate, PRINCE 2 Agile Foundation & Practitioner Certificates in Agile Project Management, and Cisco Certified Network Associate.
Education has been identified as at-risk to cybercriminals. The risk is heightened because of the large amounts of sensitive data handled and the hitherto low levels of training offered to those working in the sector.
This month, a survey revealed that only 15% of the UK’s top 20 universities have enforced the recommended and strictest level of DMARC (Domain-based Message Authentication, Reporting and Conformance) protection, which defends learning communities from cybercriminals looking to carry out email fraud.
Data from Check Point Research (CPR) shows that the global education sector saw a rise in digital breaches targeting education institutes last month, with the sector experiencing the highest volume of cyber-attacks in July compared to other industries tracked by CPR.
Read more here: ICO sees 20% decline in reports of data breaches