How to prevent future cyber incidents in local schools

Despite local schools going online following the pandemic, the cybersecurity threat prevails – here’s how to prevent future cyber incidents

Learning from home was not the only challenge local schools faced during the pandemic.

Over the last two years, schools and universities have witnessed an unprecedented level of ransomware attacks as incidents continue to severely impact the education sector. Despite the return to classrooms, the cybersecurity threat prevails, explains Brian Horsburgh, Public Sector at Dell Technologies.

Data from the National Crime Agency’s National Cyber Crime Unit (NCCU) shows a 107 per cent increase in reports from the police cyber prevent network of students as young as nine deploying DDoS (distributed denial of service) attacks from 2019 to 2020.

IT leaders must continue working with administrators, students, teachers and parents to stop security breaches and prevent future attacks. In addition, there is a role for local councils and industry to help local schools tackle the increasing cyber incidents threat.

As these institutions increasingly become targets of malicious attacks, where school infrastructure can be compromised, the higher the stakes. A robust cybersecurity foundation is essential for schools of all sizes to plan for and prevent the possibility of these incidents. All schools should have the support needed to be able to deliver this.

Assess and plan to avoid cyber incidents

To increase access to technology while avoiding compromise, primary, high school, and further education must each have the support and resources necessary to adopt cybersecurity best practices.

The first step involves identifying someone with the skills and capacity or the resource to bring this in and then beginning with a security risk assessment to identify gaps and weaknesses across networks and infrastructure. These assessments also measure cyber preparedness and the ability of each institution to identify, protect, detect, respond and recover from ransomware or other cyberattacks and vulnerabilities.

Once there is an established baseline, the school’s management team should develop a comprehensive plan to gain continuous visibility across endpoints and networks. Securing a school’s endpoints from malware and phishing attacks is critical to establishing a greater security perimeter for student and faculty workstations, laptops, tablets and other devices that may be compromised.

Tools to manage risks and reduce cyber incidents

Secondly, adopting the right tools is also an essential step in managing risk to systems, assets, data and capabilities. Due to the increase in cyber-attacks in the education sector, experts from the National Cyber Security Centre have rolled out free cyber defence tools to schools to help them protect their emails and websites from online attackers.

UK education settings can sign up for the NCSC’s Web Check and Mail Check, which services to protect their websites and email servers from cyberattacks. Dell Technologies also provides a free Cyber Resilience assessment to help organisations better understand their cyber risks and vulnerabilities and provide actionable recommendations.

Access to free tools and advice is vital for the UK’s schools. Over the last year, we’ve witnessed a rise in attacks that have affected schools across the country. These negatively impact the schools in a variety of ways from financial records going missing, student coursework getting lost and some institutions having to disable the entire email system.

Strike the balance between access and security

Finding the balance between access and security is a constant struggle. We know that access to technology is an essential part of learning. However, IT often feels the pain of pushing for increased security. Teachers and administrators have a desire to provide easier and greater access to learning tools, but the challenge is finding a solution that doesn’t put students’ safety at risk. We need to seek technologies that push the access models for our young people while keeping a cyber-safe approach.

To illustrate one example of how to strike that balance, consider this common decision that IT departments struggle with across the country. Applications that enable communication and collaboration have the potential to make personally identifiable information (PII) public to the world.

Some schools block these tools, while others see them as essential for collaboration. Rather than trying to determine if restricting these apps is the best option, schools should find technologies that allow for collaboration while limiting PII leakage. When we see the opposing forces that make striking that balance difficult, we can identify solutions that can continue to push the access we seek.

Monitoring & protecting  

Once the foundations of a plan are established, there must be constant upkeep. School leaders must focus on holistic data protection and threat management solutions, especially for IT and security teams that suffer from depleted resources and budgets. Ensuring networkers are constantly monitored and protected from the classroom to the data centre to the cloud should remain a top priority.

Deploying servers with built-in cybersecurity controls and a protected supply chain ensures a robust and layered security approach. Endpoint protection solutions help detect, investigate, and respond to advanced threats across endpoints, networks, and cloud environments. These intelligent and automated tools help effectively identify authorized users and nefarious threats from outside school networks.

Especially as local schools begin to adopt cloud solutions and a multi-cloud environment, intelligent software-defined solutions that detect unusual patterns, send alerts and protect data while ensuring compliance, and streamlined cloud recovery and restoration activities will better defend critical data in the care of security teams.

By deploying solutions such as a physically isolated data vault with immutability for critical applications and data, schools can significantly lessen the impact of cyberattacks and resume operations rapidly should a security incident occur.

Best Practices for security transformation

Part of any comprehensive security transformation also requires education and awareness. It is important to build a culture of security awareness for every stakeholder in the education process, from IT staff, educators and administrators to students and parents. This strategy should include a regular cadence of training around maintaining good cyber and technology hygiene.

The threat landscape for education security leaders continues to grow, especially as new models of learning—including hybrid, blended and remote situations—arise. Focusing on planning and finding new security solutions will limit classroom disruptions and boost learning outcomes.

By adopting these best practices, schools can provide the right balance of access and protection while facilitating student-centred learning.

To make an obvious point, the education system is what prepares young people for the future – providing skills for the job market and life. Cybersecurity and providing a safe and secure environment are crucial. Local councils, industry and schools must work together to achieve this. This includes ensuring that schools are supported to have the skills and funding needed to put in place necessary cybersecurity services.