Cyber Security within the Education Sector
From the conversations UCcert has been having with various schools and Academy Trusts, the
approach to Cyber security within the education sector appears to be very hit and miss. Some
appear to be extremely clued up and others are crossing their fingers and hoping for the best.
This is hardly surprising given ever tighter budgets and IT departments that are under-staffed.
Unlike their peers in the enterprise sector they don't have a dedicated SOC (Security Operations Centre) or a fully automated SIEM(Security Information and Event Management) system alerting them to potential breaches and attacks. No, your average IT candidate within a school could be replacing toner one second, helping a teacher troubleshoot connectivity issues and then unlocking a pupils AD account because they've locked themselves out for the third time that week. Where's the time dedicated to working on security and is it no surprise that schools are a prime target for hackers (1*)?
(1*) Taken from LGfL's 2019 Cyber Security Schools Audit - 83% of schools have reportedly experienced at least one cybersecurity incident.
Those that had experienced a breach or attack in the last 12 months, further and higher education institutions had been more severely affected by them compared to other education institutions and the average UK business.
Figure 1. Types of breaches and attacks - Cyber Security Breaches survey 2020, provided by the Department for Digital, Culture, Media and Sport.
Where are schools turning to for their cyber information and guidance? A low percentage are turning to external cyber security or IT providers (40% of primary schools, 35% of secondary schools and 54% of further and higher education institutions). Others sources of information are gleaned from government or public sector sector sources such as the NCSC. If you're looking to get started with your cyber awareness a couple of useful sources of information are the Cyber Essentials (https://www.cyberessentials.ncsc.gov.uk/.) and the 10 Steps to Cyber Security schemes (https://www.ncsc.gov.uk/collection/10-steps-to-cyber-security).
Don't forget your five technical areas to cover/control:
Boundary Firewall/Internet Gateway
User access controls