Cyber for School Leadership

Thank you for attending a cyber security session for school leadership with the SEROCU Cyber Protect team. If you have any feedback at all, we would love to hear it in order for us to develop and tailor our resources.

If you took part on MS Teams, we would love for you to take just a couple of minutes to complete a survey about the presentation. There are thirteen short questions, mostly multiple-choice. This opens in a new window – close it once complete.

Please email us at:

Action List

Securing Accounts

  1. Review and implement a better password policy
  2. Teach staff how to use good passwords
  3. Implement Two-Factor Authentication on key systems (and everywhere else if possible)


Securing Data

Protecting data starts with understanding:

  • What data you hold
  • What data is sensitive
  • Who needs access to that data
  • How that data is used
  • When that data is used
  • How access is controlled
  1. Implement a process for user account review
  2. Implement periodic reviews of access permissions
  3. Ensure there is no use of shared accounts

Networks and Systems

  1. Ensure the network is mapped and assets identified
  2. Incorporate asset lifecycle into long-term budget planning
  3. Ensure robust update policy exists
  4. Ensure all assets have an owner and risks are understood


Remote and Cloud Working

  1. Review Remote Working policy and controls
  2. Review cloud policy and controls for suitability


Defending Systems

  1. Review antivirus deployment – needs and coverage
  2. Minimise phishing risks using technical methods
  3. Train staff about phishing risks and reporting


Incident Response

  1. Develop incident response plans for likely threat types
    1. Start with plans on the most likely threats:
      • Phishing
      • Malware
      • Ransomware (as specific plan)
      • Network or system intrusion
      • Data breach or loss
      • Denial of Service
      • Fraud
    2. For each plan, think about:
      • How you are likely to detect the problem
      • The systems or people the incident is likely to affect
      • The impacts of such an incident – and how they could be mitigated
      • How you might isolate the problem and stop the spread
      • Who you would call for assistance – and how
      • How you would gather more information for responders
      • Steps to recover from the incident
      • How you would learn from the incident and improve the plan
  2. Review backup solutions for adequacy and testing


Safeguarding Pupils

  1. Teach Pupils about using technology safely, lawfully and ethically


Other Information

National Cyber Security Centre Resources:

Reporting Cybercrime: