We recently met with Daniel Sykes, the Cyber Crime Protect and Prepare Office for the South East Cyber Resilience Centre, to ask
about how their services can help small businesses, schools and multi academy trusts.
The South East Cyber Resilience Centre is a police-led partnership with academia and businesses aimed at improving cyber resilience in businesses across the South East of England. The areas covered by this centre are: Thames Valley, Oxfordshire, Berkshire, Buckinghamshire, West Sussex, East Sussex, Surrey, Hampshire, and the Isle of Wight.
What does this mean for small businesses, schools, colleges and MATs?
It means that you can get free help and advice, including training from this organisation. They offer free webinars:Cyber Security for Humans
but will also do free either in person or online cyber training for staff. If you are in the south and would like to contact Daniel for some staff training, his details are (he requires 20+ people for onsite training):
Daniel Sykes (CISMP)
Cyber Crime Protect and Prepare Officer
Cyber Crime Unit
Surrey and Sussex Police
Force Mobile – 07971337166
We asked Daniel what should we be advising schools to do who are unclear about where they are with their cyber strategy?
He recommended installing and setting up the Police Cyber Alarm which is a free tool to help you understand and monitor malicious cyber activity against your network. The Cyber Alarm can help you help the police check your systems and advise you on anything suspicious. It can help the police understand what threats there are and identify any repeated patterns or trends on particular services. The Police Cyber Alarm had a poor reputation amongst schools when it was first released, but is now recognised as a tool to help organisations safely monitor their networks at no extra cost. A report is provided, which is also useful in preparing for future cyber resilience.If you are an organisation in the South East of England and would like to benefit from these and more resources, their website is here: The South East Cyber Resilience Centre
If you are an organisation that doesn't know where to start with their cyber security plan, then start by looking at their: Cyber Workout Plan
Information about the other Cyber Resilience Centres:
Cyber Resource: The Cyber Resilience Centre Group
How resilient is your organisation?
(An example of the kind of question to ask is below). If you are a school or MAT are you checking in with the DfE Digital Standards for schools and colleges?What to do in the event of a Cyber Attack
Incidents or attacks where any security breaches may have taken place, or other damage was caused, should be reported to an external body.
The SLT digital lead will be responsible for assigning someone to report any suspicious cyber incidents or attacks. This person will need to report this to:
- Action Fraud on 0300 123 2040, or the Action Fraud website
- the DfE sector cyber team at
This email address is being protected from spambots. You need JavaScript enabled to view it.
You may also need to report to:
- the NCSC website if the incident or attack causes long term school closure, the closure of more than one school, or serious financial damage
- the ICO website within 72 hours, where a high risk data breach has or may have occurred
- your cyber insurance provider (if you have one), such as risk protection arrangement (RPA)
- Jisc, if you are a part of a further education institution
You must act in accordance with:
- Action Fraud guidance for reporting fraud and cyber crime
- Academy Trust Handbook Part 6, if you are part of an academy trust
- ICO requirements for reporting personal data breaches
Police investigations may find out if any compromised data has been published or sold and identify the perpetrator.
m. Preserving evidence is as important as recovering from the crime.
Forward suspicious emails to