{"id":3841,"date":"2023-01-24T12:31:37","date_gmt":"2023-01-24T12:31:37","guid":{"rendered":"https:\/\/educationdatahub.org.uk\/?p=3841"},"modified":"2023-01-25T09:07:08","modified_gmt":"2023-01-25T09:07:08","slug":"a-practical-guide-for-schools-cyber-incident-response","status":"publish","type":"post","link":"https:\/\/educationdatahub.org.uk\/news\/a-practical-guide-for-schools-cyber-incident-response\/","title":{"rendered":"A Practical Guide for Schools Cyber Incident Response"},"content":{"rendered":"

…or How to Plan for the Proverbial Hitting the Cyber Fan!<\/span><\/span><\/h4>\n

With a noted increase in cyber incidents involving schools since Covid, it is
\n<\/span> imperative that schools know how they can prepare \"\"and protect themselves against a cyber attack. <\/span>\u00a0<\/span><\/p>\n

Data has become big business in the world of crime, and with this there has been a rise in the number of cyber attacks. One of the most powerful tools that hackers use is Social Engineering, which relies on manipulation of the end user into first activating the cyber attack, commonly through phishing, although this is not the only method of infiltration. Educating your school staff on understanding hackers’ tools and tactics can help bolster your schools cyber defences.<\/span>\u00a0<\/span>\u00a0<\/span><\/p>\n

In the last six months alone there have been several cyber incidents in schools reported in the media, where personal and special category data has been breached, leaving staff and pupils unable to access school systems. Most recently was an Academy Trust where fourteen <\/span>schools<\/span> were affected.<\/span>\u00a0<\/span>\u00a0<\/span><\/p>\n

In the event that school cyber defences are breached, it is vitally important to have contingency plans in place\u00a0to maintain a minimum level of functionality \u2013 not only to safeguard pupils and staff, but to also restore the<\/span> school back to an operational standard<\/span>.\u00a0This planning is known as a <\/span>Cyber Incident Response Plan (CIRP)<\/span> and should form part of an overall School Continuity Plan (<\/span>Disaster Recovery Plan) as per the <\/span>DfE Cyber Security Standards<\/a><\/strong> (Oct 2022). <\/span>\u00a0<\/span>\u00a0<\/span><\/p>\n

The\u00a0key to a successful Cyber Incident Response Plan (CIRP)<\/span> and improvement of the schools cyber resilience i<\/span>s the ownership of it by the Governors and Senior Leadership team. This is outlined by the <\/span>DfE Cyber Security Standards<\/a><\/strong> and <\/span>National Cyber Security Centre (NCSC)<\/a><\/strong> By enforcing the school’s cyber strategy,\u00a0from the top, a culture of cyber compliance is built.<\/span>\u00a0<\/span>\u00a0<\/span><\/p>\n

A robust <\/span>Cyber Incident Response Plan (CIRP)<\/strong><\/span><\/a> contains all the information that your school would need to respond to a cyber incident. This includes:<\/span>\u00a0<\/span>\u00a0<\/span><\/p>\n