Be Cyber Smart!
The need for cyber security awareness across the education sector
A recent government survey reports that education establishments, of all sizes, face more than ever an increasing number of cyber attacks. However, cyber security training or awareness raising activities are not adopted by all – and are typically less common in schools compared to both further and higher education institutions. Around four in ten of primary schools (42%) and around half of secondary schools (51%) have undertaken any such activities in the last 12 months, compared to around eight in ten further education colleges and all higher education institutions (100%).
Fraudsters Targeting Schools with Ransomware
Fraudsters have been cold calling UK education establishments resulting in ransomware attacks. There have been several instances on fraudsters posing as being from the Department of Education, the Department for Work and Pensions, or telecoms providers. The head teacher, financial administrator receive emails with attachments purporting to be anything from exam guidance forms to mental health assessments. On opening the attachments, ransomware is activated encrypting files and systems which attackers hold to ransom. The recent spate of ransomware attacks have seen an average pay off of around £8000 each, with schools either having to pay the ransom or rebuilding systems and hoping that they can restore anything important using backups.
Cyber Security Awareness in Education is Key
Aside from expert security management, continuous-assessment security awareness programmes and education on identifying and evading cyber threats are key in combating the rising tide of ransomware and cyber fraud. This shouldn’t be limited to the classroom but should extend to staff, teachers and parents. Cyber threats are now a part of our lives and are only growing more sophisticated and pervasive – so taking steps to learn how to be cyber smart, in the same way people are trained to be street smart, is an invaluable for modern life.
Expert-led security education
Working with Education organisations such as the Independent Schools Bursars Association, Infosec Partners improve awareness of cyber threats and provide schools with tailored advice and expertise to meet their specific security needs.
No one likes to be fooled but people are still the weak link in cybersecurity, which is why Infosec Partners help schools develop and deliver cyber awareness programmes for students, staff and parents. Contact us today to find out more.
- Proven security expertise.
Trusted by significant organisations worldwide and recognised as a partner of excellence by leading security vendors because of our proven know-how and expertise in cybersecurity.
- Optimise budget.
Whilst resellers will simply try and sell you another expensive appliance, we’ll only identify solutions that you really need and provide justification through risk modelling.
- Clear return on security investment.
Evaluate the effectiveness of your existing and planned solutions, against your investment. Devise a strategy to achieve the security you need at a budget aligned with your risk profile.
- We focus on your security.
We are technology and vendor agnostic and will always recommend the best solution set to clients. We will transparently explain our recommendations and align with your organisations’ needs.
Any device secured. Our engineers are certified and experienced to be able to integrate, secure, optimise and support any security device by any vendor.
- Identify your Critical Assets.
A Crown Jewel Assessment helps you identify your critical and high-value assets. Are you adequately protecting these assets?
- Define your Risk Profile.
A Cybersecurity Risk Assessment identifies the top risks your school faces and establishes how much risk you would deem acceptable.
- Identify Gaps in your Security.
Are you currently exposed? How easy would it really be for an attacker to break through your defences? Penetration testing pin points the areas that need strengthening.
- Meet compliance requirements.
Achieve compliance with the UK Data Protection Act, GDPR, KCSIE, the Prevent Duty, as well as passing inspections by OFSTED and ISI. Achieve certification with PCIDSS, ISO27001, ISO22301 and Cyber Essentials.