Cyber Security Training For School Staff
Cyber SecurityTraining ForSchool Staff
Agenda School cyber resilience in numbersWho is behind school cyber attacks?Cyber threats from outside the schoolCyber threats from inside the school4 key ways to defend yourself
83%49%of schools experiencedsome form of cybersecurity incidentof schools confident that theyare adequately prepared in theevent of a cyber attack97%of schools suffered aphishing attackof schools said that losing access to IT serviceswould cause considerable disruption65%of schools don’t train nonIT staff on cyber security
Who is behind cyberattacks? Criminals that might wish to target your school for financial gain. Criminals that have identified a potential weakness in theschool's technology or processes. Staff or pupils that could be responsible for attacks eitherintentionally or accidentally.
Why would they targetmy school? Schools hold lots of sensitive data that can be very valuable. Lots of financial transactions signed off by one person. May be seen as a soft target. Don’t have dedicated security and fraud teams. IT may be older and therefore more vulnerable.
Cyber threats from outsidethe school
Online criminals
Case Study – Fraud and ransomware‘Payment fraud’ andransomware attacks inschoolsThe case study will automatically play whenprogressing to the next slide
Case Study – RansomwarePhone call from someonepretending to be from the DfEPhone callfrom DfEAsked for emaildetails of head ugh thenetworkDemanded 8,000 fordecryption
Case Study – FraudIndependent school parents targetedby ‘payment fraud’ scamIndependentschool targetedPhishing attack ledto the compromiseof emailEmail sent toparents informingof banking detailchangeParent’s schoolfees stolen anddetails sold on foridentity fraud
Foreigngovernmentactors
Cyber threats from inside theschool
Pupils
Case Study – Password managementSchool hacked by pupilbroke Data Protection ActThe case study will automatically play whenprogressing to the next slide
Case Study – Password managementSchool hacked by pupilBroke Data Protection ActAccessedschool MISUsed teacher’spassword20,000 recordsinvolvedDuplicatepasswords usedDisciplinedby ICO
Staff
Case Study – Access controlIT manager convicted afterschool’s computer networkhacked
Case Study – Access controlIT manager arrested after school’scomputer network hackedSchool ITmanagerTaking schoolmoneyAccess toCCTV systemsWiped everythingwhen caught
Accidental cyberincidents
Case Study – Secure storageSchool USB stick lossexposes pupil dataThe case study will automatically play whenprogressing to the next slide
Case Study – Secure storageSchool USB stick lossexposes pupil dataUnencrypted USBstick with thousandsof pupils detailsRemoved fromschool and lostHanded back inand reported toICO
4 key ways to defendyourself Defend against phishing attempts. Use strong passwords. Secure your devices. If in doubt call it out.
Defend against phishing attempts
Phishingexample
How do I defendmyself againstphishing attempts?1.2.3.4.5.Reduce the information available toattackers.Know the influence techniques.Know what ‘normal’ looks like.Don’t be embarrassed to ask for help.Report if you click!
Use strong passwords
Using strongpasswords Avoid commonly usedpasswords.Avoid passwords relating topersonal information.Avoid passwords that have beenbreached previously.
Using strongpasswords1.Create a strong password forimportant accounts.2. Use a separate password foryour work account.3. Where available, switch on twofactor authentication forimportant accounts.4. Store passwords securely.
Secure your devices
Secure your devices1. School owned devices.2. Your own devices.3. Removable storage.
Secure your devices1. Do not ignore updates.2. Only download apps fromtrustworthy sources.3. Physically protect your device.4. If you need to use USB storage,ensure it is encrypted.
If in doubt call it out
If in doubt call itout1. Report any suspicious activity.2. Report as soon as possible.3. Don’t be afraid to challenge.
SummaryYour checklistReviewKnowCheckReview the privacy settingsfor your social media,professional networking sitesand app accounts.Know who to report anyunusual activity to. If you’renot sure, ask your linemanager or IT team.Check your device is set toreceive updatesautomatically.SetRemoveCheckFlag itSet a strong password andswitch on two-factorauthentication, if available, foryour most important accounts.Remove any apps that havenot been downloaded fromofficial stores.Check that the passwordfor your work account isunique.If it’s not possible to followsecurity advice, process orpolicy - flag it to your IT team.
Thank youTo download your cyber security training certificate please click on this s-training-certificateFor other useful school cyber security resources please ls
Cyber Security Training For School Staff. Agenda School cyber resilience in numbers Who is behind school cyber attacks? Cyber threats from outside the school Cyber threats from inside the school 4 key ways to defend yourself. of schools experienced some form of cyber
Bruksanvisning för bilstereo . Bruksanvisning for bilstereo . Instrukcja obsługi samochodowego odtwarzacza stereo . Operating Instructions for Car Stereo . 610-104 . SV . Bruksanvisning i original
the 1st Edition of Botswana Cyber Security Report. This report contains content from a variety of sources and covers highly critical topics in cyber intelligence, cyber security trends, industry risk ranking and Cyber security skills gap. Over the last 6 years, we have consistently strived to demystify the state of Cyber security in Africa.
What is Cyber Security? The term cyber security refers to all safeguards and measures implemented to reduce the likelihood of a digital security breach. Cyber security affects all computers and mobile devices across the board - all of which may be targeted by cyber criminals. Cyber security focuses heavily on privacy and
Cyber Vigilance Cyber Security Cyber Strategy Foreword Next Three fundamental drivers that drive growth and create cyber risks: Managing cyber risk to grow and protect business value The Deloitte CSF is a business-driven, threat-based approach to conducting cyber assessments based on an organization's specific business, threats, and capabilities.
training must be related to cyber security. As CyBOK is the agreed community scope for established cyber security knowledge, it is anticipated that the majority of knowledge provided in cyber security training will map to CyBOK topics. Other elements in cyber security practice, for example the application of skills, may also be included.
10 tips och tricks för att lyckas med ert sap-projekt 20 SAPSANYTT 2/2015 De flesta projektledare känner säkert till Cobb’s paradox. Martin Cobb verkade som CIO för sekretariatet för Treasury Board of Canada 1995 då han ställde frågan
service i Norge och Finland drivs inom ramen för ett enskilt företag (NRK. 1 och Yleisradio), fin ns det i Sverige tre: Ett för tv (Sveriges Television , SVT ), ett för radio (Sveriges Radio , SR ) och ett för utbildnings program (Sveriges Utbildningsradio, UR, vilket till följd av sin begränsade storlek inte återfinns bland de 25 största
prospective arbitrator before making an appointment instead of relying solely on publicly available information and personal recommendations. . Before accepting a request for an interview, prospective arbitrators should agree in advance the limits of the interview with the interviewing party. The place, the timing, the names and roles of the participants and the scope of matters to be .
