What this course contains

The course introduces the core cyber security framework relevant to education, including:

• An overview of your legal and regulatory obligations.
• The Data Protection Act / Data Use and Access Act and requirements around data security and breach reporting.
• The Network and Information Systems (NIS) Regulations and what they mean in practice.
• The Computer Misuse Act and criminal cyber activity.
• The Privacy and Electronic Communications Regulations (PECR).
• The Product Security and Telecommunications Infrastructure Act.
• DfE guidance on fraud awareness and links to the Economic Crime and Corporate Transparency Act.
• Future developments, including the forthcoming Cyber Security and Resilience (Network and Information Systems) Bill.
• The increasing role of AI - including Agentic AI - in both cyber risk and cyber defence.
• Practical steps schools can take to assess whether their cyber security measures meet required standards.

The session also explores supplier assurance and the importance of robust screening of IT and cyber providers as regulatory expectations increase.

Why this matters

Cyber threats are increasing in scale, sophistication, and frequency. Schools hold large volumes of sensitive personal data and are increasingly targeted by cyber criminals.

Failing to implement appropriate security measures can result in serious disruption, regulatory enforcement, reputational damage, and financial loss. With new legislation on the horizon and cyber security identified as a priority within the DfE’s 2030 strategy, schools must ensure they understand their responsibilities and take proactive steps to strengthen resilience.

Intended outcomes

By the end of the session, participants will:

1. Understand the current legal framework governing cyber security in education.
2. Be aware of upcoming legislative changes and how they may impact suppliers and service providers.
3. Recognise the growing risks associated with AI-driven cyber activity.
4. Be able to assess their organisation’s cyber security posture and identify practical improvements to reduce risk and strengthen compliance.

Assessment

There is no formal assessment. A live Q&A will be available throughout the session to support practical discussion and application.

Date and Time

• Tuesday, 10th March 2026 at 10:00am – 10:45am.

Location

• This course will be run remotely via Zoom.

Cost

The cost of this briefing is £30 plus VAT per person for Judicium Data Protection Clients and £45 plus VAT per person for non-Judicium Data Protection Clients.

How to book

Click HERE to register your place on this course or the BOOK NOW button at the top of the page.  If you have any questions about this course please contact us via phone 0345 548 7000 (opt 1, then 1) or email: dataservicesadmin@judicium.com.

Please find our terms and conditions for bookings here: https://www.judiciumeducation.co.uk/dpo-training-terms-and-conditions-26