Cyber security has always been a priority for schools but with the number of cyber attacks high, its profile is rising again. Even before COVID-19, research undertaken by the National Cyber Security Centre (NCSC) and the London Grid for Learning (LGfL) indicated that the vast majority of our primary and secondary schools (83%) were reporting at least one security incident every year. With schools stretching their IT systems to accommodate remote learning and more digital applications, this number seems set to increase. We’ve already seen attacks on Microsoft servers and incidents in Nottinghamshire/Derbyshire and Leicestershire this year.
What are the biggest cyber security threats in 2021?
According to the NSCS and LGfL research, the highest proportion (69%) of the 430 schools canvassed experienced phishing attacks. 30% suffered malware infection or ransomware, 20% fell victim to spoofing attacks, and 20% encountered illicit access by students and staff. As a result, schools experienced periods with no access to important information, financial loss and data loss, as well as lost teacher time.
How to mitigate the threats?
It’s important to remember that any school can become a victim of cyber crime, however, there are steps that schools can take to mitigate the risk:
Audit your IT system
Reviewing your IT system will help you understand the level of risk your school is open to.
- Document the services connected to the internet, the number and type of devices the school has, and the organisations that provide you with IT services.
- Identify which parts of the infrastructure are most critical to your school’s smooth running and prioritise them in terms of security.
- Assess your protection at network level. Is the network configured securely with firewalls? Are all operating systems/software supported? What anti-virus/anti-malware software does the school use, and are there automated alerts to signpost suspicious activity? What is the patching routine? What back-up process is there? Is any element cloud-based, and can data reliably be recovered?
- Assess risk at an individual level. To do this, you need to understand who has access to what, whether that access justifies the additional risk, and consider the audit trails that are in place.
Document and protect it
Armed with the information above, you’ll find it easier to document the status quo and work with suppliers to add extra protection where needed. Once completed, you’ll need to make sure its contents flows down into other school policies.
Raise awareness through regular training
This stage focuses on educating your staff and pupils, because it’s vital that they adhere to the policies you’ve devised. Critically, they can also act as your school’s first line of defence if they’re adequately equipped to recognise a potential cyber threat to alert you to it.
We’d also advise having cyber security as a regular staff meeting agenda item to keep the topic front of mind.
Be alert and prepared
The last stage is planning your response. Every school should have both an incident plan and continuity plan to ensure that it can still operate in any given scenario. The cyber attack section of the incident plan will include comprehensive details of who to contact. The continuity plan will outline contingency plans, such as what happens if the school’s MIS system were inaccessible.
These plans should be devised and tested internally to ensure that all staff members are aware of their responsibilities and know the procedures to follow if and when needed.