• Darren O'Connor

The pending breach. Is your school next?



Schools are an easy target - Fact

*83% of schools have reportedly experienced at least one cybersecurity incident - Fact

*(LGfl's 2019 Cyber Security School Audit)

When we're auditing school networks its hardly surprising that they're a prime target for cyber criminals. Our latest audit exposed unpatched systems, firmware on devices that's a decade old, firewall ports open to the outside world. This information was discovered by running readily available vulnerability tools. If we're seeing these failures then so are hackers. Except they won't report the vulnerabilities to you they'll use them against you. - Fact.

There are simple steps that you can put in place to make life a little harder for the cyber criminals:

- MFA - Multi-Factor Authentication - this should be applied across all available data sources where available.

- Backups - Sounds simple enough…? Are your backups available on the network as these will be targeted? You should have offline backups and if available hold offline backups offsite. When was the last time you tried to recover a system using these backups?

- Patch management - as we've already covered patch management should be high on your agenda. Software updates contain patches that keep your devices and school secure.

- Cyber incident response plan - This should be the starting point for your incident handling process which should include:

  • Key contacts

  • Escalation Criteria

  • Flowchart or process

  • Guidance on legal or regulatory requirements.

Contact us about our cost effective and collaborative vulnerability management programme. We can also guide your school through the above processes to help tighten your security posture.

3 views0 comments