Cyber Security Training For School Staff

1y ago
32 Views
2 Downloads
9.85 MB
41 Pages
Last View : 14d ago
Last Download : 3m ago
Upload by : Brenna Zink
Transcription

Cyber SecurityTraining ForSchool Staff

Agenda School cyber resilience in numbersWho is behind school cyber attacks?Cyber threats from outside the schoolCyber threats from inside the school4 key ways to defend yourself

83%49%of schools experiencedsome form of cybersecurity incidentof schools confident that theyare adequately prepared in theevent of a cyber attack97%of schools suffered aphishing attackof schools said that losing access to IT serviceswould cause considerable disruption65%of schools don’t train nonIT staff on cyber security

Who is behind cyberattacks? Criminals that might wish to target your school for financial gain. Criminals that have identified a potential weakness in theschool's technology or processes. Staff or pupils that could be responsible for attacks eitherintentionally or accidentally.

Why would they targetmy school? Schools hold lots of sensitive data that can be very valuable. Lots of financial transactions signed off by one person. May be seen as a soft target. Don’t have dedicated security and fraud teams. IT may be older and therefore more vulnerable.

Cyber threats from outsidethe school

Online criminals

Case Study – Fraud and ransomware‘Payment fraud’ andransomware attacks inschoolsThe case study will automatically play whenprogressing to the next slide

Case Study – RansomwarePhone call from someonepretending to be from the DfEPhone callfrom DfEAsked for emaildetails of head ugh thenetworkDemanded 8,000 fordecryption

Case Study – FraudIndependent school parents targetedby ‘payment fraud’ scamIndependentschool targetedPhishing attack ledto the compromiseof emailEmail sent toparents informingof banking detailchangeParent’s schoolfees stolen anddetails sold on foridentity fraud

Foreigngovernmentactors

Cyber threats from inside theschool

Pupils

Case Study – Password managementSchool hacked by pupilbroke Data Protection ActThe case study will automatically play whenprogressing to the next slide

Case Study – Password managementSchool hacked by pupilBroke Data Protection ActAccessedschool MISUsed teacher’spassword20,000 recordsinvolvedDuplicatepasswords usedDisciplinedby ICO

Staff

Case Study – Access controlIT manager convicted afterschool’s computer networkhacked

Case Study – Access controlIT manager arrested after school’scomputer network hackedSchool ITmanagerTaking schoolmoneyAccess toCCTV systemsWiped everythingwhen caught

Accidental cyberincidents

Case Study – Secure storageSchool USB stick lossexposes pupil dataThe case study will automatically play whenprogressing to the next slide

Case Study – Secure storageSchool USB stick lossexposes pupil dataUnencrypted USBstick with thousandsof pupils detailsRemoved fromschool and lostHanded back inand reported toICO

4 key ways to defendyourself Defend against phishing attempts. Use strong passwords. Secure your devices. If in doubt call it out.

Defend against phishing attempts

Phishingexample

How do I defendmyself againstphishing attempts?1.2.3.4.5.Reduce the information available toattackers.Know the influence techniques.Know what ‘normal’ looks like.Don’t be embarrassed to ask for help.Report if you click!

Use strong passwords

Using strongpasswords Avoid commonly usedpasswords.Avoid passwords relating topersonal information.Avoid passwords that have beenbreached previously.

Using strongpasswords1.Create a strong password forimportant accounts.2. Use a separate password foryour work account.3. Where available, switch on twofactor authentication forimportant accounts.4. Store passwords securely.

Secure your devices

Secure your devices1. School owned devices.2. Your own devices.3. Removable storage.

Secure your devices1. Do not ignore updates.2. Only download apps fromtrustworthy sources.3. Physically protect your device.4. If you need to use USB storage,ensure it is encrypted.

If in doubt call it out

If in doubt call itout1. Report any suspicious activity.2. Report as soon as possible.3. Don’t be afraid to challenge.

SummaryYour checklistReviewKnowCheckReview the privacy settingsfor your social media,professional networking sitesand app accounts.Know who to report anyunusual activity to. If you’renot sure, ask your linemanager or IT team.Check your device is set toreceive updatesautomatically.SetRemoveCheckFlag itSet a strong password andswitch on two-factorauthentication, if available, foryour most important accounts.Remove any apps that havenot been downloaded fromofficial stores.Check that the passwordfor your work account isunique.If it’s not possible to followsecurity advice, process orpolicy - flag it to your IT team.

Thank youTo download your cyber security training certificate please click on this s-training-certificateFor other useful school cyber security resources please ls

Cyber Security Training For School Staff. Agenda School cyber resilience in numbers Who is behind school cyber attacks? Cyber threats from outside the school Cyber threats from inside the school 4 key ways to defend yourself. of schools experienced some form of cyber

Related Documents:

Bruksanvisning för bilstereo . Bruksanvisning for bilstereo . Instrukcja obsługi samochodowego odtwarzacza stereo . Operating Instructions for Car Stereo . 610-104 . SV . Bruksanvisning i original

the 1st Edition of Botswana Cyber Security Report. This report contains content from a variety of sources and covers highly critical topics in cyber intelligence, cyber security trends, industry risk ranking and Cyber security skills gap. Over the last 6 years, we have consistently strived to demystify the state of Cyber security in Africa.

What is Cyber Security? The term cyber security refers to all safeguards and measures implemented to reduce the likelihood of a digital security breach. Cyber security affects all computers and mobile devices across the board - all of which may be targeted by cyber criminals. Cyber security focuses heavily on privacy and

Cyber Vigilance Cyber Security Cyber Strategy Foreword Next Three fundamental drivers that drive growth and create cyber risks: Managing cyber risk to grow and protect business value The Deloitte CSF is a business-driven, threat-based approach to conducting cyber assessments based on an organization's specific business, threats, and capabilities.

training must be related to cyber security. As CyBOK is the agreed community scope for established cyber security knowledge, it is anticipated that the majority of knowledge provided in cyber security training will map to CyBOK topics. Other elements in cyber security practice, for example the application of skills, may also be included.

10 tips och tricks för att lyckas med ert sap-projekt 20 SAPSANYTT 2/2015 De flesta projektledare känner säkert till Cobb’s paradox. Martin Cobb verkade som CIO för sekretariatet för Treasury Board of Canada 1995 då han ställde frågan

service i Norge och Finland drivs inom ramen för ett enskilt företag (NRK. 1 och Yleisradio), fin ns det i Sverige tre: Ett för tv (Sveriges Television , SVT ), ett för radio (Sveriges Radio , SR ) och ett för utbildnings program (Sveriges Utbildningsradio, UR, vilket till följd av sin begränsade storlek inte återfinns bland de 25 största

7 Annual Book of ASTM Standards, Vol 14.02. 8 Discontinued 1996; see 1995 Annual Book of ASTM Standards, Vol 03.05. 9 Annual Book of ASTM Standards, Vol 03.03. 10 Available from American National Standards Institute, 11 West 42nd St., 13th Floor, New York, NY 10036. 11 Available from General Service Administration, Washington, DC 20405. 12 Available from Standardization Documents Order Desk .