Why does cyber security matter for Early Years practitioners?

The National Cyber Security Centre issued guidance for Early Years practitioners earlier on this year, following a rise in the threat level facing the education sector.

As an Early Years practitioner, you are probably questioning why you are a target for cyber criminals and may believe that you possess nothing that would be of interest.

Sadly, this couldn't be further from the truth and a key thing to remember is that cyber criminals target vulnerabilities, not specific businesses. We know that not all teachers and support staff are very knowledgeable when it comes to cybersecurity. But we know that the appetite to learn through staff training, and new resources to help bridge this knowledge gap.


For Early Years practitioners, cyber security also plays a role in safeguarding the children in your care. Good cyber security means protecting the personal or sensitive information you hold on these children and their families.


Your national Early Years legislation and advice and the Data Protection Act require you to hold confidential information and records about staff and children securely, and ensure these can only be accessed by those who have a right or professional need to see them (either physically or digitally/online).


The NCSC's latest warning gives detailed guidance on 4 key areas that practitioners, teachers and other school staff should follow to help protect their children and school.


One key area they detail is how you as a school or nursery, communicate with your families which includes using social media.


If you send out newsletters, social media posts, or any other communications that include photos or details of children in your care, make sure you control who can access these. For example, you should password protect newsletters so only families who have been given the password can open them. You should also check the privacy settings across any social media accounts you use, so that only the child's carers have access (the NCSC has published guidance to help you do this).


How can the Cyber Resilience Centre for the South East help you school or nursery?

To help the education sector outsmart cyber criminals and toughen up their cyber security, the Cyber Resilience Centre for the South East (SECRC), has been established to provide businesses and organisations, with an affordable way to access cyber security services and consultancy to help improve cyber resilience.


Schools, colleges and universities in the South East can sign up for free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection.


Find out more here.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.