Cybersecurity Guidance and Supports

Increasing number of cyberattacks on schools: There are a number of reasons for the increasing number of cyberattacks and cyber-incidents affecting schools. Schools have become highly reliant on digital and online systems, as they manage large amounts of critical  data, including personal data on staff and students/pupils, as well as data relating to teaching and learning. The shift to using digital and online learning has significantly increased the risk, as schools increasingly rely on a range of digital and online tools. As a result, schools have become more ‘attractive’ targets for cybercriminals.

• Data relating to individuals is valuable and is bought and sold for profit by cybercriminals as a commodity on the ‘dark web’.
• Schools don’t see themselves as profitable and attractive targets, however research clearly shows that cyberattacks on schools are rapidly increasing.
• It’s no longer a matter of ‘if’ a school will be attacked or experience a cyber-incident, it’s a matter of ‘when’ and ‘how’.
• Schools have significant quantities of ‘potentially profitable’ data on staff and students/pupils.
• Many users have the same or similar login details to access different school and non-school services. In such cases if an attacker gains access to just one user personal or school account they could then easily gain access to other accounts of that user.
• While cyberattacks are generally perceived as being from external parties, they can also be initiated by an internal school staff member or student.
• Schools generally lack the necessary expertise and resources to implement effective cybersecurity measures, leaving them exposed to increasingly sophisticated attacks from cybercriminals.

These two initial resources are provided to assist schools in raising cybersecurity awareness, and in training their staff and students about cybersecurity, cyber-incidents including typical examples of cyberattacks on schools.

Firstly this slide presentation is an overview on cyberscurity which is recommended as an awareness and training resource for schools. It can be downloaded from here: 

Secondly this short text based summary document on cybersecurity focuses on the reasons behind increasing levels of threats to schools, and on malware and phishing. It can be downloaded from here: 

We also present two ‘Quick Guides’ from the National Cyber Security Centre (NCSC), on Cybersecurity for Schools  and on Phishing.

Cybersecurity priority areas for schools: For each of the areas listed below we have provided some self-reflection review questions for schools so that they can assess their own cybersecurity readiness against the threats of cyberattack or a data breach.

• Overall School Cybersecurity Policy
• Controlling access to key systems and data
• School network/WiFi security, other systems
• Software and application security updates
• Protecting computing devices
• Data backups and recovery
• Incident response and recovery
• Cybersecurity awareness and training

This document allows schools to review each of these areas in detail and can be downloaded from here:

In this section we provide a school cybersecurity policy template which addresses the seven areas below. Schools can modify and adapt the policy template to address specific details in their own school.

1. Controlling access to key systems and data
2. School network/WiFi security, other systems
3. Software and application security updates
4. Protecting computing devices
5. Data backups and recovery
6. Incident response and recovery
7. Cybersecurity awareness and training

A School Cybersecurity Policy Template, which schools can review and adapt to meet their own circumstances is provided here

A ‘Table of school Roles and Responsibilities’ referred to in the Schools Cybersecurity Policy Template, is provided here:

This resource is provided to raise awareness within the School Leadership Team about cybersecurity, cyber-incidents including typical examples of cyberattacks on schools.

The slide presentation can be downloaded from here: 

Three additional cybersecurity guidance resources are provided to assist schools in adapting the Schools Cybersecurity Policy Template to meet their own specific needs.

Firstly an Authentication/Access Policy Guide and Template is provided. Authentication is a process to ensure that only users with the correct login/access details are allowed to access digital and online schools resources and systems. This guide can be downloaded from here:

Secondly a ‘Cybersecurity Incident Response and Recovery Guide’ is provided to ensure that when a cybersecurity incident or data breach does occur, that the school already has a plan in place outlining how it will respond to the situation. It can be downloaded from here:

Finally a short guide is provided on Cybersecurity Awareness and Training in schools for staff and students/pupils. It can be downloaded from here: 

Frequently Asked Questions (FAQs):  If schools have cybersecurity related questions they can email these to Oide Technology in Education at ictadvice@oide.ie

This new short course introduces the topic of cybersecurity for schools from a whole-school leadership perspective. It outlines key cybersecurity concepts and highlights best practices for school leaders and digital learning teams. It’s available at:

NEW! Cybersecurity for Schools

What types of cyber threats are schools facing?

Schools are increasingly targeted by cyberattacks due to their heavy reliance on digital systems and the value of stored information. Cybercriminals often exploit weak or reused login details and deploy malware, phishing, or ransomware—meaning it’s not a question of if but when a school may be affected.

Why are schools considered attractive targets to cybercriminals?

Schools store significant personal data about students and staff—which can be sold or exploited. Additionally, many users use the same login details and passwords across different private and school accounts. This increases the risk if any one account is compromised. Data brokers collect and sell both public and private information—including what’s shared on social media and public records. This data can make schools more vulnerable to targeted attacks.

How can users stay vigilant against phishing or scam attempts?

• Manage human risk, the human element is the weakest link
• Staff and students often fall for social engineering—phishing emails, fake alerts, or scams.
• Promote a culture of “think before you click”—never open unsolicited links, attachments, or QR codes.
• Be cautious with unsolicited emails or calls claiming to offer IT help. They may mimic trusted contacts or request you to click links or download “updates” that are malicious.

What resources does Oide TiE provide to help schools with cybersecurity training and awareness?

Oide TiE offers a range of resources in this section of our website including:

• A slide-based Cybersecurity Awareness and Training presentation, which answers many frequently asked questions.
• A text-based cybersecurity summary, which explains increasing threat levels, malware, phishing, and how to mitigate risks.
• These resources offer guidance on identifying cyber risks and strategies to reduce those risks. They focus on how strong cybersecurity can protect schools, prevent disruptions from cyberattacks.

Are there recommended technical steps for schools to improve cybersecurity?

Yes, Oide TiE provides guidance on managing digital tech infrastructure, including cybersecurity measures, and offers templates and support for schools.

Why is having a school cybersecurity policy important?

A cybersecurity policy provides a comprehensive approach and encourages schools to assess their readiness across several areas, ranging from access control and network security to backups, incident response, and awareness training. A well implemented school cybersecurity policy ensures each critical area is covered consistently. By addressing areas like incident response, software updates, device protection, and training, all within one policy, schools can better prepare, manage, and recover from cyber incidents. The policy clarifies roles & responsibilities, this clarity is vital during incidents, as everyone then knows their role.

What’s the link between overall digital infrastructure and cybersecurity?

Cybersecurity and data protection are integral parts of a broader Digital Technology Infrastructure (DTI). A well-planned DTI enhances learning and protects against cyber threats.

Who should we contact for further technical or cybersecurity support?

Schools can contact Oide TiE for additional guidance. Our contact email is ictadvice@oide.ie.