COMPUTING & IT RESOURCES


Cyber security: a top priority for the new academic year


Education Today hears from DI Dan Giannasi, Head of Cyber & Innovation at the North West Cyber Resilience Centre (NWCRC)


However, this reliance has also made educational institutions prime targets for cyber attacks, as evidenced by the statistics from the Government Cyber Security Breaches Survey 2024. The survey found that 97% of higher education establishments and 86% of further education colleges experienced a cyber breach in the last year. It also found that 71% of secondary schools and 52% of primary schools experienced a breach.


Education establishments are particularly vulnerable to cyber breaches due to the vast amounts of sensitive data they store, which includes personal information, financial records, and student coursework.


A


s the new academic year begins, now is the right time to tighten cyber security to prevent the chances of a cyber attack or data breach. The digital landscape within education has evolved rapidly, with schools, colleges and universities increasingly relying on technology for everything from admin, planning and teaching through to remote learning.


September marks a crucial period within education, with new staff members starting and new cohorts of students, all of which amplifies the risk of cyber attacks. The introduction of new devices and user accounts creates multiple entry points that cybercriminals can exploit. However, as education budgets have been repeatedly cut, IT and cyber security is often one of the first outlays to be stripped back. On top of this, the onset of using more online learning and technology since the Covid pandemic has also increased the chance of attack, creating more entry points.


Further and higher education establishments are particularly susceptible to entry-level attacks, like phishing, due to large numbers of employees


42 www.education-today.co.uk


and students accessing their IT systems. Many of these users lack awareness of common cyber threats, creating numerous vulnerabilities. Cyber criminals are becoming much more sophisticated very quickly, often using new tech and AI to create much more realistic scams and phishing emails. Phishing emails can lead to malware being installed on a school or college’s IT systems, and can even lead to ransomware, which means that access to data is withheld unless a financial ransom is paid.


On top of this, spear phishing is also a growing risk, where fraudsters will target a specific person, possibly in the finance department or a budget holder department head, and will imitate them to authorise a specific payment or invoice to their own bank accounts.


Once a cyber breach has occurred, the damage has been done and it can be very difficult to locate the fraudster, especially as it’s highly likely they are not based in the UK. This is why we work closely with the education sector to help protect them against these threats.


Phishing attempts are so common that it’s a case of ‘when not if’ a school or college will be targeted. They absolutely must be taking proactive steps to prevent cyber breaches, rather than dealing with them reactively. There have been numerous cases of data breaches and emails leaked from universities and colleges over the past few years. This causes


September 2024


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48