EDUCATION: Patching for Cyber Essentials


The past twelve months has seen an unprecedented surge in the number of cyber-attacks targeting the education sector.

Whereas the National Cyber Security Centre (NCSC) has recommended a ‘strength in depth’ approach to addressing this risk, the Education & Skills Funding Agency has taken this one step further and made Cyber Essentials Plus a requirement for the 2021 to 2022 funding year.

Patching is a major part of protecting IT environments and achieving Cyber Essentials. Almost two-thirds of all security breaches exploit a vulnerability for which a patch has already been made available; it just has not been applied.

For many education establishments, patching can be challenging, overstretched internal teams, vast numbers of servers and the need to patch out-of-hours all contribute to vital updates being missed. It is not uncommon for teams to fall behind with patch management however, doing so only compounds the pressure on the IT team while exposing the organisations to far greater risk.

Download our Best Practice Guide to understand how outsourcing your patching can help you achieve Cyber Essentials Plus.

DOWNLOAD YOUR COPY