In a recent survey carried out by Sophos, a third of schools surveyed admitted to having experienced a cyber-security breach. A further 21% didn’t know or preferred not to say. The severity of the breaches vary from data loss to ransomware, but the issue still remains, that schools are a target and these breaches are destroying schools’ reputation and productivity. For this reason it is imperative that schools are aware, prepared and educated about these threats. The survey also revealed that only 14% of those surveyed view ransomware as their biggest concern, highlighting that despite its growing awareness throughout 2016, there is still a lack of awareness about ransomware. It’s important that all teachers are aware of what ransomware is and how they can fall victim to it. Sophos have compiled 5 top security tips for schools.
1) Have an Integrated Security Plan that Does Not Stifle Productivity
To fully understand their cyber threat and risk exposure, schools should undertake a rigorous security review to identify risks, understand vulnerabilities and assess the impact of a cyber-attack. Only then can they create an integrated cyber security plan that incorporates technical, human and physical defences to deliver effective protection without stifling productivity.
2) Follow Best Practice
Many security breaches can be prevented by ensuring existing cyber defences are deployed at full strength. Too often schools invest in cyber security solutions but fail to deploy them to their full advantage. This significantly reduces their effectiveness and increases the likelihood of a successful, but preventable breach. To ensure you are getting the maximum level of protection from your existing security solutions we encourage all schools to follow the best practice guidance offered by their trusted security partners and vendors.
3) Have a Tried and Tested Incident Response Plan
Work on the assumption that an attack will happen and ensure you have a tried and tested incident response plan than can be implemented immediately to reduce the impact of the attack.
4) Identify & Safeguard Your Sensitive Data
It’s almost impossible to protect all your data all of the time, so identify the information you keep which would cause harm if it were stolen or unlawfully accessed and implement suitable data security procedures to ensure it is appropriately protected.
5) Education, Education, Education
Too many cyber breaches, especially ransomware attacks, are caused by the inadvertent actions of users. It is therefore vitally important that users are educated about the cyber risks they face and the safeguards in place to protect them. Users should also understand their individual cyber Security responsibilities, be aware of the consequences of negligent or malicious actions and work with other stakeholders to identify ways to work in a safe and secure manner.