
If you're responsible for IT in any school, you've probably encountered the familiar scenario of another compliance requirement that sounds simple in theory but proves complex in practice. And if your school or trust uses the Department for Education’s Risk Protection Arrangement (RPA) to cover its insurance needs, you can add the Police CyberAlarm (PCA) to that list, along with other requirements.
PCA registration is simple, but registration alone does not provide the full scheme benefits. For that, you need to install the collector.
The statistics tell a concerning story. According to the Department for Science, Innovation and Technology's cyber security breaches survey 2025, schools continue to experience more cyber security incidents than businesses overall. However, many schools struggle with the technical requirements to protect themselves adequately. Police CyberAlarm registration is one of the four mandatory conditions for RPA cyber cover, but installing the collector software adds an extra layer to a school’s cyber defences.
Installation of any new software on a school network needs careful consideration. Does the network have the necessary infrastructure to run it? What resources are needed for its ongoing management? Schools’ time and energy may be better spent elsewhere.
However, using the right education-focused internet service provider (ISP) removes these technical barriers entirely. RM, working in partnership with PCA, hosts a centralised collector in RM's core network. Upon registering with Police Cyber Alarm, a school receives a unique membership code. The school then provides the code to RM, allowing RM to deploy an instance of the collector to the school, who then start receiving the benefits of the service as if they had installed it themselves, but without any additional infrastructure or need to install, configure and deploy it.
What is Police CyberAlarm?
PCA is a free and secure cyber threat tool funded by the Home Office, led by the National Police Chief's Council and delivered by Pervade Software Ltd. Designed to help any UK organisation, subject to certain technical requirements, understand and monitor malicious cyber activity targeting their networks, it’s an early warning for potential threats.
The system works in two ways. Firstly, our centralised collector analyses and feeds inbound only data back to Police CyberAlarm. This monitoring tool gathers inbound activity logs from internet-facing devices like firewalls. Secondly, Police CyberAlarm provides vulnerability scanning, helping reveal potential security gaps that cyber criminals could exploit.
Registration versus monitor installation
PCA Registration |
PCA monitor installed |
|
Compliance with RPA |
✅ |
✅ |
Monthly cyber trends newsletter |
✅ |
✅ |
Regular reporting |
❌ |
✅ |
Vulnerability analysis |
❌ |
✅ |
Threat intelligence |
❌ |
✅ |
Improving national understanding |
❌ |
✅ |
The challenges of self-implementation
Implementing their own instance of the collector on the network can prove problematic for schools. The process requires technical expertise that many education settings lack.
The standard installation involves deploying monitoring software on the school network infrastructure, configuring it to communicate securely with PCA, and ensuring ongoing connectivity and data transmission. The monitoring tool requires minimum system hardware standards. The requirements are not particularly onerous, but the most commonly used method can incur licensing costs for a virtual server.
Network administrators must ensure the monitoring tool integrates properly with existing systems without disrupting other systems that staff and learners rely on.
The hassle-free way to implement Police CyberAlarm
RM has implemented a suite of cyber security features on its broadband infrastructure at a network level, including PCA. This means that all RM Broadband customers can enjoy the benefits of PCA monitoring and reporting.
If using RM Broadband, schools get the PCA tool with:
- Automated collector configuration and deployment
- 24/7 monitoring by experts
- Automatic updates and maintenance
- No additional hardware or licensing costs
Multi-academy trusts benefit from this centralised approach to PCA because it avoids implementing the monitoring tool across multiple sites with potentially different network configurations and IT capabilities.
Beyond compliance: additional benefits
By providing data from your gateway security devices about requests received from the internet, your school or trust receives multiple benefits in exchange
- Regular reports containing analysis of your data
- Advice on how to address suspicious activity reported by your security devices
- Scanning of digital assets to reveal existing vulnerabilities
- Reports on regional and national threats identified by PCA
Next steps for schools
To ensure that they are maximising the available benefits from PCA, schools and trusts should audit their current situation by asking:
Does your school use the Risk Protection Arrangement?
If so, you must at least register with Police CyberAlarm. Having the monitor tool as part of your broadband
connection will bring additional benefits with minimal effort.
Does your school use different insurance cover?
If so, does it include cover to help deal with cyber attacks? What are the terms and conditions? They could
include a requirement to use PCA as part of your defence against cyber attacks. Does your school already meet
the terms and conditions?
Does your ISP provide an extra layer of cyber security protection as standard?
By choosing RM as your broadband provider, your school can complement and enhance its protection without added
effort or cost. RM Broadband also includes cyber security protections to meet the Department for Education’s
digital standards.
If your answer to either of the first two questions is ‘yes’ or ‘no’ to the third, consider switching to RM Broadband.
Get in touch to find out more at rm.com/contact.