Recently reported in the news, a primary school was hit by a cyber-attack which caused its reopening after the summer holidays to be delayed.
Research from the government shows that education establishments are more at risk of cyber security breaches than businesses in the commercial sector. One in ten primary schools and a third of secondary schools have experienced cyber-crime in the 12 months to April 2023. Where they do experience breaches, six in ten reported losing money or data or having compromised accounts used for nefarious activity.
Here are some ways education establishments can protect themselves against cyber-crime.
Offer regular security awareness training
Prevention is typically better, cheaper and less disruptive than cure. Ensuring there is sufficient cyber awareness across any organisation is key. Anyone with email or network access can be a weak spot for even the most secure networks, all it takes is one malicious link in an email. Regular security awareness training for IT users will make them more aware of cyber risks like phishing. Phishing is an attempt to steal sensitive information from individuals, usually via email, by cyber criminals posing as legitimate institutions.
Get Cyber Essentials certification
Following a recognised IT security framework like the IASME Cyber Essentials scheme will help to protect your organisation, whatever its size, against a whole range of the most common cyber attacks and shows your service users and suppliers that you’re committed to following industry best practices.
Use immutable backups
An immutable backup is stored digital data that, once saved, is fixed and unchangeable. It cannot be modified, overwritten, or deleted by friend or foe, ensuring that your data remains secure and intact. Ransomware attacks often target backup files to prevent organisations from recovering their data without paying the ransom. Maintaining immutable backups means you will be able to recover data after a ransomware attack and avoid paying a ransom. It’s impossible to stop every cyber-attack but being able to restore systems quickly is invaluable, especially when teaching and learning is affected.
Test your data backup and recovery system regularly
Backup and recovery is the process of duplicating data and storing it in a secure place, in case of loss or damage in a cyber-attack, and then restoring that data to its original location or a safe alternative so it can be used again. Organisations should test their backup systems regularly to ensure that, in the worst-case scenario, they can restore their systems first time without fault. A backup is only as good as the last time you tested it.
If you’re concerned about cybersecurity or need advice on how to choose what’s right for your organisation, we’re here to help. Datcom provides managed IT solutions, cloud computing, cyber security and outsourced IT. Get in touch with our team of experts today.