3 minute read
Your School’s Cyber Security Starts with Education
by PSI Media
The concerning rise in cyber attacks on the education sector presents an increasing need for both teachers and students to be trained on the importance of cyber security and spotting threats
The education sector now relies heavily on technology to deliver teaching, enable blended learning, and support the day-to-day operations of a school, college, or university. However, the accelerated adoption of technology in such environments has resulted in increased cyber security risks, due to remote working and the growing number of endpoints being used by students and staff. In the last 12 months, 63 per cent of secondary schools and 41 per cent of primary schools identified data breaches or cyber attacks (UK Government, Department for Science, Innovation & Technology, Official Statistics: Cyber security breaches survey: educational institutions findings annex, 2023).
Educational establishments have a responsibility to manage their data properly and securely, however this is becoming a sizeable task to undertake. With more pupils participating in online learning and more staff working from home, the risk of a cyber breach or attack has dramatically increased.
Attacks can take many forms, with phishing emails, hacking, spam, ransomware and malware, social engineering, and denial of service attacks all presenting a threat. Attacks like this cause both financial loss and operational disruption, resulting in reputational damage and downtime in learning. In addition, if highly sensitive data is compromised, staff, students and parents can also be at risk.
The concerning rise in cyber attacks presents an increasing need for both teachers and students to be aware of and trained on the importance of cyber security and spotting threats. One of the simplest and most effective ways to avoid a cyber attack is to educate both staff and students on how to recognise suspicious emails or websites to prevent themselves from falling victim to attacks.
Traditionally, cyber security was seen as the IT managers responsibility, and while their input into a cyber security strategy is more important than ever, it’s also key to adopt a model of shared ownership.
At Sharp UK our IT specialists recommend implementing effective cyber security training for both staff and students in your educational establishment. Here are our top tips:
Take a top-down approach
When it comes to cyber security, a strategy of education must start from the very top. Leadership teams are instrumental in implementing and demonstrating cyber security best practice, so it’s vital they understand its importance and make cyber security a top priority in their educational establishments. Being cyber secure is not optional, with guidance published by the Department for Education stating that school governors and managers are required to implement “an effective whole school and college approach to online safety” to “protect and educate pupils, students, and staff in their use of technology” (UK Government, Keeping Children Safe in Education, 2022). In addition, funding and cyber insurance is increasingly dependent on accreditations such as Cyber Essentials and Cyber Essentials Plus. Senior leaders should have the necessary insight into the dangers and effects of cyber attacks. This understanding allows wellinformed decisions to be made regarding policies, procedures, and end-user training. Educational establishments benefit from a vocal cyber security champion to drive awareness and best-practice top-down.
Empower
All Staff And Teachers
Teachers may be unaware of the cyber security threats they are likely to encounter in their daily activities, which means they require education and training. However, all too often cyber security training is only offered to administrators and those in IT related positions, instead of teachers themselves. This is important to overcome as teaching staff are key stakeholders who will enforce cyber security policies on a day-to-day basis. They should receive effective training about the types of cyber security threats that exist, and the impact each of these could have on themselves, their students, and their school. Training should include cyber security quick wins, like multi-factor authentication (MFA), locking devices, protecting student data, and cyber-hygiene. More than just learning for themselves, teachers can take information back to their students, cascading it down and implementing it into learning resources. In addition, when supplied with engaging and informative learning resources like those in our Sharp UK Cyber Security Resource Pack, teachers can easily make cyber security best practice a part of their daily curriculum and culture.
Engage your students
Students currently in education are the most tech savvy generation in recent times, with more technology than ever at their fingertips in both their education and personal lives. Therefore, it’s important they understand the types of cyber security threats they are likely to encounter, in addition to how to stay safe whilst online, and the wider impact cyber attacks can have. Initiating learning-based conversations around cyber security in a classroom environment captures attention. Cyber security, can be challenging to understand, so using engaging and practical activities such as worksheets and quizzes which provide bitesize chunks of information, helps learners to realise its importance. Informative resources paired with collaborative activities from trusted sources such as Sharp UK, are a great first step in increasing students’ knowledge on this complex and ever-evolving subject L
Further Information
If you’d like access to educational cyber security resources for both students and staff, including leaflets, assembly slides, worksheets, quizzes and more, download your free Sharp UK Cyber Security Resources Pack here