The pandemic has forced teachers and other school staff to work from home and students to take online lessons. This has led to increase in the risk of sensitive data leaking from the school’s network and systems. The cyber criminals have also been quick to take advantage of this situation. The latest figures collected by The National Cyber Security Centre (NCSC) show that 83% of schools reported a cyber incident in 2020.
This article will enhance your knowledge on how to technically safeguard your school from a cyber incident.
Let’s first understand what a Cyber Incident is.
The NCSC defines a cyber incident as a “breach of a system’s security policy in order to affect its integrity or availability and/or the unauthorised access or attempted access to a system or systems”. A cyber incident can take the form of an attack from a malicious party or an accidental breach of a security policy by internal parties.
A cyber attack is an attack launched from one or more computers against another computer or network of computers. There are essentially two types of cyber attacks; One attempts to disable the target computer and the other gains access to the target’s data
An attack can be launched with multiple methods, for example:
Phishing - A technique used to trick a target into taking harmful action such as downloading malware disguised as an important document.
Malware - Short for malicious software. It refers to any software that is designed to cause damage to a target computer or network.
Brute force - An attempt to gain access to systems by trying different passwords with the goal of eventually guessing the correct one.
What can I do to help prevent a cyber incident?
There are many tools and methods that can be used by administrators and users to prevent a cyber incident in your organisation:
a. Manage user privileges - password policies, user decommissioning
User accounts and the governing systems should be configured to be as secure as possible. This includes enforcing a password policy, documenting and applying appropriate access permissions and decommissioning accounts when they are no longer required.
b. Cyber awareness and training
All users should be trained on how to identify a potential cyber attack and what they can do to prevent one or reduce its effectiveness.
c. Patches and updates
A patching schedule should be created by administrators to keep systems up-to-date and secure. User devices should also be configured to stay up-to-date with system and software updates.
Network monitoring is an effective tool against cyber attacks. In many cases, a cyber attack can be detected by reduced performance of systems and network monitoring can flag this and alert administrators.
All devices should have an anti-malware application installed. These scan files and applications for malware and prevent them from being run.
Are you ready to deal with a cyber incident?
It is important to audit your school and determine if you are ready for cyber incidents. As an example, you should be able to answer the following questions with a documented process:
1. What do we do if a user account were to be compromised?
2. What do we do if all school data were to be encrypted by malware?
3. What systems and processes do we have to prevent a cyber incident?
4. Is cyber security referred to in our disaster recovery and business continuity plans?
5. What tests do we do to ensure that we are as secure as possible?
Following the above tips will go a long way in safeguarding your school from a cyber incident.
For a deeper dive into how to improve information security in your school, you can book a free workshop with one of our experts
ABOUT THE AUTHOR:
Marcus is a Senior Technical Consultant at 9ine, responsible for the on the ground management of new build / refurbishment projects.
He specialises in the application and configuration of technical systems and services within schools, including mobile device management (MDM) systems. He holds a bachelor's degree in computer network management and design.