Cyber Security Awareness Month is an international initiative to raise awareness about digital security and remind us that there are simple ways to protect yourselves from online threats.
Cyber security should be high on the agenda for any school with a reliance on IT and online systems. Falling victim to cyberattacks can result in disruption to teaching and learning, financial loss, data breaches and can affect staff wellbeing.
This month we are focusing on ways to stay safe and secure; these are:
-
Practical resources for schools
-
Use of strong passwords
-
Turning on multifactor authentication
-
Recognise and report phishing
-
Keep up to date with learning
-
Reporting a school cyber incident
Cyber security and cyber resilience both have an equal part to play in reducing the cyber risk to organisations:
-
Cyber security focuses on preventing hackers penetrating your IT systems
-
Cyber resilience is the ability of an organisation to protect itself from, detect, respond to and recover from a cyber attack
Taking a methodical and proactive approach to cyber security and putting in place basic safeguards can greatly reduce the risk to your organisation.
Free resources to help keep you safe
National Cyber Security Centre (NCSC) – Cyber security in schools toolkits for Boards
https://www.ncsc.gov.uk/collection/board-toolkit
Passwords
Your laptops, computers, tablets and smartphones will contain a lot of your own education-critical data, the personal information of your students, and details of the online accounts that you access. It is essential that this data is available to you, but not available to unauthorised users.
Passwords - when implemented correctly - are a free, easy and effective way to prevent unauthorised users accessing your devices. This link outlines 5 things to keep in mind when using passwords.
https://www.ncsc.gov.uk/collection/small-business-guide/using-passwords-protect-your-data
Avoiding Phishing attacks
Phishing is a type of cyber-attack designed to trick you into 'doing the wrong thing', such as disclosing sensitive information like your username and password or clicking on a link that may download malicious content to your computer.
Email is currently the most common delivery method for phishing attacks. Phishing emails are becoming more and more sophisticated and often look genuine at first glance, but some can still be identified by poor spelling and grammar.
https://www.ncsc.gov.uk/collection/small-business-guide/avoiding-phishing-attacks
Staff Training
The NCSC has produced free cyber security training to raise awareness and help school staff manage some of the key cyber threats facing schools.
https://www.ncsc.gov.uk/information/cyber-security-training-schools