Insider threats remain ever challenging for IT teams. These are security risks that arise from within the organisation. Each year, a series of international events are held to highlight the risks posed from within the firm and other institutions, rather the the typical conceptualisation of cybersecurity risks coming from the outside.
Insider Threat Awareness Month has concluded for 2025. This year’s theme was Partnering for Progress, designed to underscore a critical failure in enterprise security: the disconnect between identity and insider threat mitigation.
Many in the technology world see identity as the starting point for insider threat defence and how continuous identity assurance helps organisations catch misuse before it becomes a breach.
As to the worst offenders for insider activity, while the focus remains with enterprises of all levels, it is schools that could be edging up the list – as unlikely as this might seem at first.
Schools and the insider threat
A new report from the UK’s Information Commissioner’s Office (ICO) has revealed that 57% of the personal data breaches in schools were carried out by the students themselves.
Commentatory Pete Luban, Field CISO at AttackIQ, has explained more about this area to Digital Journal. Luban says: “The UK’s Information Commissioner’s Office (ICO), which is responsible for the information rights and privacy of the public, has revealed that over half of personal data breaches in schools were conducted by the students themselves. The report claims that dares, money, rivalries, and notoriety are among the most common reasons for carrying out the hacks.“
Inadequate security
Why is this the case? According to Luban societal activities are at the root: “A large reason for the ease of access the students enjoyed was inadequate security measures and practices. According to the ICO, nearly a third of the breaches occurred because students guessed common passwords, or literally found login details written down.“
There are measures that can be taken, as Luban explains: “There are a couple of takeaways from this news. The most important is that educational institutions must do a better job of protecting sensitive information. Proper cyber hygiene protocols, such as strengthening passwords and removing student access to them, would solve a large portion of the problems. For the smaller portion of incidents that required more advanced technical skills, schools need to evaluate their cyber defence systems and implement proactive measures that are able to close the gaps that students were exploiting.“
Luban also advises: “Additionally, students must be made aware of the consequences of carrying out these attacks. Reinforcing data protection principles and individual data rights not only makes students aware of the potential punishments for conducting cyberattacks, but also decreases the chances that they themselves are breached as a result of cyber malpractice.”
