Credit: f_a_r_e_w_e_l_l/CC BY-SA 2.0

A government-backed programme is to offer schools across the country an insurance scheme against cyberattacks and support in responding to incidents.

The risk protection arrangement was introduced by the Department for Education in 2014 and offers all state schools and academies in the UK an alternative to commercially provided insurance schemes. About 40% of eligible institutions have signed up the programme, which offers cover against accidents and legal expenses.

Following the completion of a successful pilot programme, the scheme’s cyber cover element will be extended from the new school year to include a range of additional protection and support offerings.

From September 2022, RPA-member schools will be provided with funding of up to £250,000 to offset an increased cost of delivering learning for up to 90 days following a cyber incident. Schools will also benefit from a round-the-clock hotline and email through which breaches can be reported.

Related content

• Departments to undergo independent audits of cyber resilience
• Government proposes tougher cyber laws for IT outsourcers
• How big is the UK’s cyber skills gap?

Once reports have been made, the DfE will support schools with “an incident response service”, as well as “restoration, remediation, and ongoing monitoring for cyber incidents”.

The DfE worked with the Government Actuary’s Department to design the extension to the scheme, run the pilot exercise, and calculate the necessary increase in subscriptions costs – which are rising from £19 to £21 per pupil, per year.

Liam Daly from the actuary’s department was seconded to the DfE to spearhead the modelling process. 

“Now the cover has been launched, we’ll make sure the price addition is in line with the claims that we’re seeing,” he said. “This is an important development because schools are especially vulnerable to cyber risk, and many can’t get commercial cover. Schools will have support to respond to incidents quickly and reduce their impact.”