Schools & MATs

    You are here:  
  1. Home
  2. Schools & MATs
A stylized image of a panda wearing a dark suit and tie, standing in a bamboo forest. The background is a mix of digital circuit patterns and glowing lights. At the bottom, a graphic overlay with the text, "IS THERE A 'MURKY PANDA' ON THE TIMETABLE? THE LATEST CYBER THREAT." The logo for "D NEWS" is in the bottom right corner.
Tammy Buchanan
Information/Cyber Security

The Latest Cyber Threat: The "Murky Panda"

The Murky Panda (also known as Silk Typhoon) is a cyber threat that has had significant activity since 2023 and has targeted government, technology, academic, legal and professional services. Currently there are reports of the threats only in North America, however, as the Murky Panda has previously targeted compromises in the cloud, it is assumed that they will easily transition to attacks further afield. The threat group is a China-nexus group

Read more …

A detailed flowchart titled "Accountability Framework" showing how the ICO (Information Commissioner's Office) framework and DfE (Department for Education) Digital Standard Trackers align. The central hub is "Accountability Framework" with ten radiating branches, each representing a key area: Leadership & Oversight, Risk Management, Policies & Procedures, Individual Rights, Response & Enforcement, Monitoring Verification & Reporting, Transparency, Records Management & Security, Contracts & Data Sharing, and Training & Awareness. Each branch connects to a box labeled "DfE Digital Standard Trackers," with several icons and checklist boxes underneath. The bottom of the image lists various tools and resources, including "Best Practice Library," "Retention Schedule," "Phishing simulations," "Risk Register," and "Accountability Tracker," which are all linked to the main framework. The overall image illustrates a comprehensive system for achieving and tracking data protection compliance in an educational setting.
Tammy Buchanan
Best Practice Updates

Building a Secure School: Using the ICO Accountability Framework to Meet DfE Digital Standards

The ICO Accountability Framework is a crucial tool for any organisation handling personal data, providing a structured approach to data protection compliance. When applied to the Department for Education (DfE) Digital Standards, it becomes a powerful mechanism for schools and trusts to ensure their technology and data practices are not only efficient but also legally compliant and secure.

Read more …

AI generated photo of the back of a computer screen with hands on a keyboard. Blue padlock with white text saying: Not everyone should have access. White background and black text: The key to protecting sensitive data : least privilege. Recent dismissal case in Nottinghamshire
Tammy Buchanan
Best Practice Updates

Not everyone needs access: The Key to Protecting Sensitive Data

🚫🔒 Sensitive data requires a higher level of security under UK GDPR because of its potential to cause significant harm to individuals if it is lost, stolen or misused.  A recent case of a teacher losing their job after accessing a safeguarding report and transcribing it to her personal computer highlights the both the importance for least privilege access and continual review of access.

Read more …

  1. Alert: Schools receiving Microsoft File Sharing Phishing Emails
  2. School cyber attack: Framlingham College, Suffolk
  3. West Lothian Schools in Cyber Attack
  4. A Wake-Up Call for Cyber Vigilance - Danger in the Threat Landscape for Everyone
  5. New Governor Resources
  6. Are teachers using AI? 83% say its a time-saver
  7. DfE Digital Standards - narrowing the digital divide
  8. Arbor AI - On By Default
  9. DfE Guidance: Choosing a new MIS
  10. Short Guide to AI Video
  11. Safer Internet Day, Cyber Security & Data Protection
  12. The Cyber Resilience Championship
  13. The Multiple Dimensions of Supplier Due Diligence
  14. School shares sensitive pupil information as part of an FOI response
  15. Blacon High School Cyber Attack
  16. WhatsApp and FOI's: ICO Warnings
  17. New AI Guidance from the DfE
  18. What the proposed Government legislative proposal around cyber crime means
  19. DfE update to record keeping and management
  20. Update to data sharing for school immunisation programmes
  21. SLT Digital Lead Profile
  22. The role of governors in cyber security and data protection
  23. Navigating Privacy at the End of Term , Special Occasions and End of Year
  24. South East Technological University has experienced a cyber incident
  25. Safeguarding Identity in Microsoft 365: Protecting the UK Education Sector Against Cyber Threats
  26. Cyber Attack on a Special School
  27. Stealing children's data
  28. Ofqual highlights the value of cyber security training in schools
  29. Fylde Coast Academy Trust Cyber Attack This Week
  30. Calling all IT leads in schools and mult academy trusts!
  31. Ransomware cyber attack on a school in Bromley
  32. School hit by Cyber Attack
  33. DfE Digital Standards for Schools and Colleges Tracker
  34. Schools and Trusts Best Practice Area
  35. ESFA Cyber Essentials Requirement for Colleges from 2024/2025
  36. ICO Reprimands a School
  37. Out of date technology
  38. Data Retention and the Pupil File
  39. Have you assigned your SLT Digital Lead yet?
  40. What's a Cyber Incident and what should we do?
  41. Getting Started with AI (Artificial Intelligence)
  42. Cyber attack on a school during half term
  43. The rise of cyber attacks in schools are causing pupils to miss classes
  44. Cyber attack on a Trust; the aftermath
  45. School Focus: The Vale Federation | Aylesbury
  46. DfE Dealing with Subject Access Requests (SARs) Guidance
  47. Update to the Guidance on Information Sharing from the DfE
  48. Product Focus on Checklists : Initial Trust Plan
  49. Product Focus on Checklists : End of Term Checklist
  50. Product Focus on Checklists : Social Media
  51. Product Focus on Checklists : Lettings
  52. Milk Island: The secret location that allows children to view restricted content on Google Maps
  53. Free Cyber help, advice and training with the Cyber Resilience Centres
  54. The Perils of Paper: The Printing Vulnerability
  55. Product Focus on Checklists : Governors and Data
  56. Product Focus on Checklists : Site Moves
  57. Cyber attack on a University
  58. Product Focus on Checklists : Bring your own device
  59. Product Focus on Checklists : Working out of school/offsite
  60. Cyber Attack on a School
  61. Major cyber-criminal gang Lockbit brought down by UK Law Enforcement
  62. Product Focus on Checklists : Photos and video
  63. Safer Internet Day 2024
  64. Kent Councils Data Breach
  65. Free cyber training for staff
  66. DfE Digital Standards Update
  67. ClassCharts Possible Data Breach
  68. School Focus: St Bernadette's Catholic Primary School | Brighton
  69. Guardians of Privacy: 16. Social Media Checklist
  70. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  71. Guardians of Privacy: 14. Social Media and Cyber Bullying
  72. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  73. Guardians of Privacy: 12. Social Media and Going Viral
  74. Guardians of Privacy: 11. Staff Social Media Accounts
  75. Guardians of Privacy: 10. Social Media and Cookies
  76. Guardians of Privacy: 9. Social Media and Morality
  77. New Resources for Schools from the ICO
  78. Guardians of Privacy: 8. Social Media Policies
  79. Guardians of Privacy: 7. Social Media Data Retention
  80. Guardians of Privacy: 6. Posting Safely
  81. Guardians of Privacy: 5. Social Media and Consent
  82. Guardians of Privacy: 4. Social Media Access Control
  83. Guardians of Privacy: 3. Social Media Channels
  84. Guardians of Privacy: 2. Law and Regulations
  85. Phishing attacks targeting schools - alert from City of London Police
  86. The ICO reprimands a Multi Academy Trust
  87. Guidance for the use of school email and applying email retention in schools
  88. Data Protection Tips for Early Years Settings
  89. Trust Initial Plan Checklist Update
  90. Update on Advisory for Rhysida Ransomware
  91. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  92. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  93. Lettings Best Practice and Guidance
  94. The UK Online Safety Bill becomes an Act (Law)
  95. Considerations when migrating to a new MIS
  96. The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
  97. Public bodies and sensitive data
  98. ICO: 10 Step guide to sharing information to safeguard children
  99. Email and Security: ICO recent guidance
  100. Social Media Policy
  101. Data Protection and Cyber Security (Inset Day) Training Ideas
  102. Changes to Microsoft Free Licensing for Schools
  103. What to do in the event of a Cyber Attack
  104. How KCSIE is linked to Cyber Strategy
  105. VICE SOCIETY - Ransomware attacks on schools
  106. Using Tags if you are a group of organisations in the DPE Knowledge Bank
  107. Cyber Insurance in the Public Sector
  108. Cyber Attack: Leytonstone School
  109. The ICO Reprimands a school
  110. Cyber Attack: Dorchester School
  111. Knowledge Bank Role Types: Admin, Staff and Trustee
  112. Cyber Attack: Wiltshire School
  113. Types of Cyber Attacks: The Insider Threat
  114. Why your data is profitable to cyber criminals
  115. Striking Data Breach
  116. January Cyber update - How Can Schools Help Prevent Cyber Attacks?
  117. FOI: Vaccination Justifications
  118. The Education sector now at highest risk of cyber attacks
  119. Schools Blocked from Using Facial Recognition Systems
  120. The Children's Code
  121. Cyber Attacks
  122. Protocol for Setting Up and Delivery of Online Teaching and Learning
  123. Class Dojo International Data Sharing
  124. Secure file transfer of files using Royal Mail
  125. Emergency contacts and consent
  126. Best Practice for Managing Photos and Video
  127. Headteacher fined for breach of data protection legislation

General news

Information/Cyber Security

Knowledge Bank Updates

Best Practice Updates

Legal

Events & Podcasts

©2026 Data Protection Education Ltd.

Search