Cyber for School Leadership
Thank you for attending a cyber security session for school leadership with the SEROCU Cyber Protect team. If you have any feedback at all, we would love to hear it in order for us to develop and tailor our resources.
If you took part on MS Teams, we would love for you to take just a couple of minutes to complete a survey about the presentation. There are thirteen short questions, mostly multiple-choice. This opens in a new window – close it once complete.
Please email us at:
CyberProtect@serocu.pnn.police.uk
For details of our Inset Day training programme for Staff and those with a Safeguarding or Pastoral role, please visit our Cyber for Schools page.
Action List
Securing Accounts
- Review and implement a better password policy
- Teach staff how to use good passwords
- Implement Two-Factor Authentication on key systems (and everywhere else if possible)
Resources:
- SEROCU Password Guidance
- SEROCU 2FA Guidance
- NCSC Password Guidance for Individuals
- NCSC Password Guidance for Organisations
- NCSC 2FA Guidance
Securing Data
Protecting data starts with understanding:
- What data you hold
- What data is sensitive
- Who needs access to that data
- How that data is used
- When that data is used
- How access is controlled
- Implement a process for user account review
- Implement periodic reviews of access permissions
- Ensure there is no use of shared accounts
Networks and Systems
- Ensure the network is mapped and assets identified
- Incorporate asset lifecycle into long-term budget planning
- Ensure robust update policy exists
- Ensure all assets have an owner and risks are understood
Resources:
- NCSC Network Security Guidance
- NCSC Risk Management Guidance
- NCSC Asset Management Guidance
- NCSC Cyber Essentials Scheme
Remote and Cloud Working
- Review Remote Working policy and controls
- Review cloud policy and controls for suitability
Resources:
- NCSC Remote Working Guidance
- NCSC Cloud Security Guidance
- NCSC Two-Factor Authentication for Cloud Services Guidance
- NCSC Securing Microsoft 365 Guidance
Defending Systems
- Review antivirus deployment – needs and coverage
- Minimise phishing risks using technical methods
- Train staff about phishing risks and reporting
Resources:
- NCSC Antivirus Guidance
- NCSC Mitigating Malware Guidance
- NCSC Phishing Guidance for Organisations
- NCSC Avoiding Phishing Guidance for Individuals
- NCSC – Email Security Guidance
- SEROCU Staff Cyber Security Training
- NCSC Top Tips for Staff Basic E-Learning
Incident Response
- Develop incident response plans for likely threat types
- Start with plans on the most likely threats:
- Phishing
- Malware
- Ransomware (as specific plan)
- Network or system intrusion
- Data breach or loss
- Denial of Service
- Fraud
- For each plan, think about:
- How you are likely to detect the problem
- The systems or people the incident is likely to affect
- The impacts of such an incident – and how they could be mitigated
- How you might isolate the problem and stop the spread
- Who you would call for assistance – and how
- How you would gather more information for responders
- Steps to recover from the incident
- How you would learn from the incident and improve the plan
- Start with plans on the most likely threats:
- Review backup solutions for adequacy and testing
Resources:
- NCSC Incident Response guide for Small Organisations (PDF)
- NCSC Incident Response – full Guidance
- NCSC – free cyber desktop exercise system – Exercise in A Box
- NCSC Backup Guidance
Safeguarding Pupils
- Teach Pupils about using technology safely, lawfully and ethically
Resources:
- SEROCU Cyber Choices pages
- SEROCU Cyber training for DSLs and Pastoral leads
- SEROCU Cyber Choices Lesson Plans
Other Information
National Cyber Security Centre Resources:
- Small Business Guide (suitable for smaller schools or those just starting to think about cyber)
- 10 Steps to Cyber Security (suitable for larger schools or those who are more mature in cyber)
- NCSC Early Warning Service – Early Warning helps organisations investigate cyber attacks on their network by notifying them of malicious activity that has been detected in information feeds.
Reporting Cybercrime:
Action Fraud – for reporting any Fraud or Cybercrime – includes 24/7/365 helpline for a live cybercrime
Other:
SEROCU Cyber Security Training for Staff and DSLs
Police CyberAlarm – coming May 2021 to the South-East; free to use threat monitoring and reporting service for organisations, with free external and website vulnerability scanning services as well
South-East Cyber Resilience Centre – joint Police and private-sector not for profit organisation, providing advisory services, low-cost cyber security services and referral to vetted and approved service providers.