Keeping Children Safe in Education 2025

TL;DR – In Summary:

From September 2025, schools must demonstrate active understanding and management of their filtering and monitoring systems, not just have them installed.

New requirements include AI risk mitigation, annual self-assessments using DfE tools, and senior leadership accountability.

Schools relying solely on IT providers’ assurances risk non-compliance.

Action needed:

Audit your current systems NOW and ensure leadership teams understand how they work.

Right now, across schools throughout the UK, safeguarding leads are quietly worrying about September 2025. They’ve heard whispers about KCSIE updates but haven’t had time to dig into the details, hoping it’s just another set of “technical changes” they can delegate to their IT provider. If this sounds like your situation, you’re absolutely not alone – and your instinct that something bigger is happening is spot on.

 

Understanding the Shift

The Department for Education has fundamentally shifted from passive to active digital safeguarding requirements, and honestly, this change is catching many schools off guard. It’s completely understandable if you’re feeling unsettled by the increased expectations – these really are more demanding than previous updates.

The core change is this:

From September, schools and colleges in England will be expected to ensure that senior leaders and DSLs understand how filtering and monitoring systems work, including how to manage them and escalate safeguarding concerns.

This represents a significant departure from previous expectations where schools could confidently delegate responsibility entirely to IT providers. Now, senior leadership teams must demonstrate active understanding of their safeguarding technology – and many leaders are understandably worried about this responsibility shift.

 

The Four New Expectations

  1. Leadership Accountability – Senior leaders and Designated Safeguarding Leads can no longer claim ignorance about how their systems operate. Governing bodies and proprietors have overall strategic responsibility for filtering and monitoring and need assurance that the standards are being met.
  2. Mandatory Self-Assessment – Schools must use the DfE’s Plan Technology for Your School self-assessment tool to review current arrangements and receive tailored recommendations. This isn’t optional guidance – it’s an expectation that OFSTED will likely scrutinise.
  3. AI Risk Management – Perhaps most challenging, schools must identify and mitigate risks related to generative AI, recognising that filtering and monitoring systems must address not just static content, but dynamic and AI-generated material as well. Most current systems weren’t designed for this challenge.
  4. Real-World Testing – The days of trusting supplier documentation are over. Schools must actively check that filtering and monitoring systems work in practice, not just on paper.

 

Expanded Digital Threats 

KCSIE 2025 significantly broadens the definition of online safeguarding risks. Content risks now explicitly include: misinformation, disinformation (including fake news), and conspiracy theories as clear safeguarding harms. Schools must now protect students from information warfare as actively as they protect them from inappropriate content.

 

What This Means for Your School’s Systems

The new requirements create immediate practical challenges:

For Designated Safeguarding Leads: Review and update school policies to reflect the 2025 expectations. Be confident in how your filtering and monitoring systems operate, and how to respond when concerns are raised.

For IT Teams: Support the school in meeting its statutory duties by maintaining effective, context-sensitive filtering. Regularly test whether your system blocks harmful content and generates appropriate alerts.

For Governors: Ask for assurance that filtering and monitoring responsibilities are understood and managed. Expect to see evidence that systems are reviewed and tested regularly, and that they are working as expected.

 

Annual Reviews

Schools must now review your filtering and monitoring provision at least once every academic year. The review process should identify additional filtering and monitoring checks that are needed. This creates an ongoing compliance burden that many schools haven’t budgeted for or planned.

 

The Parallel Pressure of Cyber Security

Running alongside KCSIE updates, schools face enhanced cyber security expectations. Clarified wording around cybersecurity standards, reinforcing their role in helping schools build resilience against cyber-threats demonstrates government recognition that digital safeguarding and cyber security are inseparable.

The reality is clear: Cyber incidents and attacks have significant operational and financial impacts on schools and colleges, potentially leading to significant and lasting disruption, including the risk of repeated future cyber incidents and attacks, including school or college closure.

 

School Leaders Are Feeling Overwhelmed (And That’s Completely Valid)

If reading about these new requirements is making you feel anxious, that’s a perfectly reasonable response. School leaders are already managing unprecedented pressures, and now they’re being asked to become technical experts in areas many never expected to handle personally.

Here’s why your concerns are entirely justified:

The Technical Learning Curve: Understanding how filtering and monitoring systems actually work requires technical knowledge that wasn’t previously expected of senior leaders. You’re already experts in education, finance, HR, and countless other areas – becoming a technology expert as well feels overwhelming because it is a significant additional responsibility.

The Accountability Shift: Previously, you could trust that having systems in place was sufficient. Now you need to actively demonstrate understanding and management capability, which feels like a much higher bar because it genuinely is.

The AI Challenge: Most filtering systems weren’t designed to handle AI-generated content, yet schools must now identify and mitigate risks related to generative AI, recognising that filtering and monitoring systems must address not just static content, but dynamic and AI-generated material as well. This is genuinely complex technology that even IT professionals are still learning to manage.

 

Taking Action: Your September Readiness Checklist

Immediate Actions:

  • Audit your current filtering and monitoring systems
  • Complete the DfE self-assessment tool and document your findings
  • Identify gaps in your senior leadership’s understanding of system operations
  • Assess AI risk across your digital estate

Strategic Planning:

  • Develop tailored testing protocols for real-world system effectiveness
  • Create clear escalation procedures for safeguarding concerns
  • Create an annual review schedule and accountability framework
  • Update governance policies to reflect new leadership responsibilities

Implementation:

  • Deliver targeted training for senior leadership and DSLs
  • Implement enhanced monitoring for AI-generated content risks
  • Establish regular testing protocols for system effectiveness
  • Document all changes for OFSTED readiness

 

Feeling overwhelmed by KCSIE 2025 requirements is completely normal – these changes really are more demanding than previous updates. The difference between schools that struggle and those that succeed will be recognising that you don’t need to become technical experts overnight – you need trusted partners who can translate complex requirements into manageable action plans.

 

 

Need Help Keeping Children Safe Online?

Using the form below, contact Dataspire for a comprehensive safeguarding systems review that helps you understand exactly what you need to know, without needing to become a technical expert yourself.

Get in touch