search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
COMPUTING & IT RESOURCES


Survey highlights urgent need for increased cyber security in schools


The government-endorsed Cyber Essentials scheme enables organisations to be certified independently for having met a good-practice standard in cyber security


Cyber Security is now a board level responsibility. The NCSC’s Board Toolkit helps boards to understand their obligations, and to discuss cyber security with the technical experts in their organisation.


Visit our website for links to the Toolkit and other useful downloads. Schoolsbroadband.co.uk/network-security


How to identify good security service providers


The government-endorsed Cyber Essentials scheme enables organisations to be independently certified for having met a good-practice standard in cyber security. Check your security provider is endorsed by this scheme. It requires providers to enact basic technical controls across five areas: • Boundary firewalls and internet gateways • Secure configurations • User access controls • Malware protection • Patch management (i.e., applying software updates).


W


hen virtually all school data is stored on the computer, making sure it’s safely protected should hold no greater importance in your IT department. A data breach could mean loss of access to your entire network, resulting in mass disruption to the entire school. The latest Cyber Security Breaches Survey from The National Cyber Security Centre showed that nearly half of all primary schools and 63% of secondary schools identified breaches or attacks between May 2022 and April 2023. Phishing attacks were by far the most reported, with over 80% of schools saying they had suffered such an attack.


Of the schools attacked, 37% of primary schools and 49% of secondary schools were significantly impacted. Most commonly, schools reported needing additional staff time to deal with the incident and needed new measures to protect against future occurrences.


What is Phishing?


This definition is provided by the National Cyber Security Centre: “Phishing is when attackers attempt to trick users into doing ‘the wrong thing’, such as clicking a bad link that will download malware or direct them to a dodgy website.


Phishing can be conducted via a text message, social media, or by phone, but the term is mainly used to describe attacks that arrive by email. Phishing emails hide amongst the huge number of benign emails that busy users receive. Attacks can install malware (such as ransomware), sabotage systems, or steal intellectual property and money.”


How can schools protect themselves from Phishing and other cyber- attacks?


As well as ensuring your school has a robust security monitoring solution, any respectable security organisation will tell you: “Your school or workforce is always the weakest link.” Staff and pupils should be regularly trained in identifying potential suspicious activity, what to look out for and what to do. While security services such as the Schools Broadband Hosted Fortinet solution are designed to identify and protect your organisation from falling victim to attacks, everyone in your organisation should undergo regular cyber security training to minimise risks. Help can be found using the following guidance.


Government guidance and initiatives The national Cyber Aware communications campaign offers tips and advice to protect individuals and organisations against cyber-crime.


The 10 Steps to Cyber Security guidance summarises steps organisations can take to protect themselves.


40 www.education-today.co.uk November 2023


Example checks to ensure a reliable security service provider • Check your security provider is on an approved supplier framework (e.g YPO, CCS). Their security service will already have been scrutinised • Demand ISO 27001 or Cyber Essentials accreditations for security service providers • Undertake your own risk assessments where suppliers have access to IT systems • Restrict supply teachers in schools to guest Wi-Fi networks


The large volume of detailed records held by schools and multi academy trusts make them an attractive target for cyber criminals. New threats are being developed globally by the hour, with successful attacks resulting in devastation: stolen data, school information becoming inaccessible, criminal access to staff and parent bank accounts and school Management Information Systems.


Cyber Security Specialist – Schools Broadband


Schools Broadband are cyber security specialists and have been providing managed security services for schools and Multi Academy Trusts since 2007. Protecting over 2,200 schools and with multiple security awards from the Internet Service Providers Association, speak to Schools Broadband about improving your school’s resilience.


u01133 222 333 (Option 3) uinfo@schoolsbroadband.co.uk uwww.schoolsbroadband.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44