Cyber safeguarding and intervention practices

<< Return to all News
A person is typing on a laptop with a focus on cybersecurity elements such as a lock icon and security-related text

Cyber safeguarding and intervention practices

Morton Michel have observed the increased frequency of conversations around cyber security in 2026 but, crucially, noted that there is a lack of confidence and understanding of the topic.

The recent Cyber Security Breaches Survey 2025 survey supports this, where only

  • 7% of businesses have specific, standalone cybersecurity policy
  • 38% have cover as part of wider insurance package

Lack of awareness of the types of existing cyber threats, early interventions and severity detection tools mean many people, regardless of hearing the shocking statistics, may not consider it a top priority.

For nursery leaders this means that setting costs aside for the new financial year often comes at a cost of neglecting cyber. This doesn’t have to be the case. Rather than taking a more ad-hoc or reactive approach, understanding cyber through typical crimes and criminal intentions, immediate response post attack and a reliable tools and services and can help reduce uncertainty.

We’ve developed a concise summary that Nursery leaders can use:

Areas Criminals Can Exploit

  1. Identity Leaks- children, staff or parents name, contact number, address and images being shared on criminal marketplaces
  2. Exposing financial information- bank details being exposed via fraudulent transactions
  3. Login credentials- access to your cloud data, email inboxes, messages

There are many more that are detected by Cyber Prepare to offer you personalised recommendation.

Immediate response after a cyber attack

What you can do:

  • Document process- photos, error messages, date, time and situation
  • Remove affected devices by disabling Wi-Fi, Bluetooth, cloud, network equipment, unplugging ethernet cable server.
  • Contacting support or local provider including insurance.

When and who to report?

Contacting us: If you have cyber cover as part of your policy, informing us will mean we can guide you through what exactly can be done to help address the loss.

Contacting parents: if they are affected by the crime i.e. there has a breach of GDPR, it is important to inform them. Use our ARAG legal advice helpline for further support.

Checklist

  • Does your company encrypt sensitive information? Yes No

    (at rest, in transit and on mobile devices)

  • Do you have a cyber incident response, business continuity or disaster recovery plan?
  • Do you have cyber training provided to staff including senior staff, short term or temporary staff.

 

For more questions like this, check out Cyber Prepare.

Cyber Prepare

All in one platform.

Across all security control categories ransomware, phishing, social engineering, business email compromise and third-party vendor compromise.2

It uses a simple questionnaire to assess areas of threat.

To get you prepared, it provides expert led actions, recommendations and insights in a comprehensive report.

Most importantly, you will also receive a concise remediation dashboard to track present risks and best security practices.

So, you have an exact plan for what actions to take personalised to your nursery settings.

Sources:

  1. https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025#chapter-7-conclusions
  2. https://www.cyberprepare.com/

This article is for general information only and is not advice. The views expressed may change and may not be complete or up to date. No responsibility is accepted for any loss arising from reliance on this article. You should seek professional advice before acting on any information contained here.