Following the release of the DSIT Cyber Breaches Survey 2026, SWGfL and Secure Schools brought together a panel of experts from the Information Commissioner’s Office (ICO), and Government to explore what the findings mean for schools in practice.
Rather than focusing solely on statistics, the session unpacked what is changing across the sector, where the risks are growing, and how schools can respond in a practical and proportionate way.
Cyber Risk in Schools is Growing – Particularly in Secondary Schools
A central theme throughout the discussion was the continued growth of cyber risk, particularly within secondary schools. The latest findings show a notable rise in reported breaches, reinforcing that cyber incidents are now a routine issue for the education sector.
Phishing remains the dominant threat, featuring in the majority of reported incidents. This highlights how attackers continue to rely on human error as a key entry point, making staff awareness and training critically important.
At the same time, the panel was keen to highlight that rising figures should not be viewed purely as negative. Increased reporting may also indicate that schools are becoming more aware of cyber risks and individuals may feel more confident in identifying and recording incidents.
A Growing Gap Between Adoption and Preparedness
While awareness is improving, the discussion repeatedly returned to the issue of preparedness. The survey suggests that although schools are taking action, many still lack some of the core measures needed to respond effectively to cyber threats.
There are clear signs that foundational practices, such as conducting cyber-focused risk assessments, testing staff awareness, maintaining up-to-date systems, and having formal incident response plans, are not yet consistently embedded across the sector.
This creates a growing gap between the risks schools face and their ability to manage them. As the panel emphasised, the basics still matter. In many cases, strengthening these core areas represents the most effective and achievable way to improve resilience.
Cyber Security is Increasingly Seen as a Leadership Issue
One of the more positive messages from the webinar was the level of engagement from senior leaders and governors. Cyber security is increasingly being recognised as a strategic priority rather than a purely technical concern.
However, the panel noted that this recognition does not always translate into consistent action. While many leaders acknowledge the importance of cyber security, it is not always embedded into ongoing governance and decision-making processes.
A key takeaway was the importance of making cyber security a regular part of leadership discussions, keeping it visible, relevant and connected to wider priorities such as safeguarding, operational continuity and reputation.
AI is Creating New Opportunities As Well As New Risks
Artificial intelligence emerged as one of the most significant evolving themes. Schools are adopting AI tools at an impressive pace, often more quickly than other sectors, driven by opportunities to support teaching, learning and efficiency.
However, this rapid adoption also introduces new risks. The panel highlighted concerns around “shadow AI”, where tools are used informally without oversight, as well as the broader challenges of understanding how these systems handle data and what security measures are in place.
A key point raised was that adopting AI does not automatically mean those tools are being used securely. Each new platform effectively becomes part of a school’s supply chain, requiring the same level of scrutiny and governance as any other third-party provider.
Supply Chain Risk Remains a Critical Challenge
Closely linked to AI is the growing issue of supply chain security. Schools are increasingly reliant on a wide range of external services and platforms, yet many still lack structured approaches to assessing and managing supplier risk.
The panel highlighted that this is not a new issue, but one that is becoming more pressing as digital adoption accelerates. Without clear processes for understanding how suppliers protect data and systems, schools may be exposed to risks beyond their immediate control.
As more tools and services are introduced into school environments, ensuring that these relationships are properly managed will be a key area of focus moving forward.
Cyber Security Foundations Still Matter
Despite the emergence of new technologies and threats, the webinar reinforced a consistent message: the fundamentals of cyber security remain as important as ever.
Frameworks such as Cyber Essentials continue to provide a valuable baseline for schools, helping to structure their approach around key controls like multi-factor authentication, secure configuration and access management.
While the requirements may feel more challenging to implement, particularly in complex environments, the panel stressed that these controls are still essential. The goal is not perfection, but progress, starting with the highest-risk areas and building from there.
Informing Meaningful Change
Finally, the panel encouraged schools to view the Cyber Breaches Survey as more than just a set of statistics. Used effectively, it can be a powerful tool to inform conversations, support decision-making and drive improvement.
Whether it is used to benchmark against other schools, highlight risks to leadership teams, or identify gaps in current practice, the survey provides a valuable evidence base for action.
One particularly useful approach discussed was to look beyond headline figures and consider what they imply. For every percentage of schools taking action, there is another proportion that is not, often revealing where the most significant risks remain.
Continuing to Strengthen Protections
Overall, the webinar highlighted a sector that is evolving, with growing awareness and stronger engagement, but also facing increasing complexity and pressure.
Cyber security is firmly on the agenda, and schools are beginning to build more mature approaches. However, challenges remain, particularly around preparedness, supply chain risks and the safe adoption of emerging technologies like AI.
Progress is being made, but there is no room for complacency. Continuing to strengthen the fundamentals, while adapting to new risks, will be essential in building long-term cyber resilience across the education sector.
Take Our Survey
We’re gathering insights from schools to better understand current cyber security concerns, experiences, and support needs. Your responses will help shape future events, guidance and resources.





