The DfE has been working closely with the NCSC (UK Government – National Cyber Security Centre) and over the past few months they have been communicating with schools regarding these attacks that have resulted in system damage, data breaches and specifically ransomware attacks.
Breathe Technology says:
As an Education Sector focused IT Service Provider and Security specialists, we would like to ensure that our customers and contacts are aware of the elevated risk. We take this very seriously and we work very closely with our customers to ensure that the required systems and processes are in place.
This article contains some really important documents, including a link where you can download the official, School Staff-Cyber Awareness Training, released by the NCSC (UK Government - National Cyber Security Centre). This is really valuable information too. One of the biggest risks we see when auditing, is not system related, but rather the risk of the employees being caught out by clever Cyber Crime attacks such as phishing.
We have compiled some important resources to help you:
- The DFE Warning Letter (Letter from Jon Gilbert at the DFE)
https://breathetechnology.com/cyber-security/
(scroll down to the heading that reads: Security Resources for you, DfE warning to schools - John Gilbert, CIO DfE) - Government Cyber Essentials Brochure on Cyber Security (From the NCSC)
https://breathetechnology.com/cyber-security/
(scroll down to the heading that reads: Security Resources for you, Government Cyber Essentials Booklet with advice and checklist) - Security Risk Assessment created by our MD, based on the NCSC and ISO27001 guidelines
https://breathetechnology.com/cyber-security/
(scroll down to the heading that reads: Security Resources for you, Cyber Security Risk Assessment – Craig van Aswegen, MD Breathe Technology - Most importantly, you can download a training slide show, with staff Cyber Awareness Training for free. This has been officially been provided by the NCSC for schools. Download it and share it with your staff.
https://breathetechnology.com/cyber-security/
(scroll down to the heading that reads: Security Resources for you, Official NCSC School Cyber Security Training for Staff)
During our IT and Security Audits and in our Pen Testing efforts, we almost always identify staff awareness and training as a risk. We hope that these resources will provide some assistance in protecting yourself, your staff and your school or MAT.
If you require any further assistance or have questions, please reach out. You can contact us on 01223 209920 and ask for Louise Harper or email lucy@breathetechnology.com.