The recent news has been full of the global IT outage that affected many systems over the weekend, including airlines and patient access.  Although the incident was not caused by a cyber attack, it is important to note that it was a cyber incident which affects everyone.

A cyber incident is an event with threatens the confidentiality, integrity or availability of information systems, networks or the information they contain.

Review our previous article: What's a Cyber

Plans for the new government to introduce legislation for cyber security, digital and data were outlined in the King's speech on 17 July 2024.

As you all prepare to pack up for the Summer, we would like to remind you about the benefits of pre-holiday cyber hygiene.
Many of the cyber attacks that we see on schools happen on the first day of a long weekend or a holiday - that's because the threat actors know in some instances it might be a good while before anyone notices.  

This article discusses what a cyber incident is and what you should do if you experience one.  The important thing to note is that this isn't a full-blown cyber attack, but you should still go through various reporting and risk management processes.

Regular cyber training for staff is crucial given the amount of systems involved in running organisations.  Schools and Trusts should be doing this annually as advised by the DfE Cyber Security Digital Standards.

NHS Dumfries and Galloway has confirmed some children’s mental health data has been published by criminals following a cyber attack.    

The Government recently published the Cyber Security Breaches survey 2024. The survey has an annex which includes findings from samples of UK educational institutions.

A summary of the government Cyber Security Breaches 2024.  It is an official set of statistics produced by the Department for Science, Innovation and Technology in partnership with the Home Office. The findings of this survey provide a comprehensive description of cyber security for a representative sample of UK organisations, which provides a snapshot of UK cyber resilience at this point in time.

A cyber incident review is a process or analysis undertaken after a cyber security incident or cyber attack has occurred.  It involves analysing the event in detail to understand what happened, why it happened and how it can be prevented in the future.

During February there have been a number of attacks reported on Universities in the UK.  There were reports of hackers attacking the universities of Cambridge, Manchester and Wolverhampton.  Systems were affected at all sites.  The disruption is the latest reported attack by Anonymous Sudan.  It is thought the attacks are related to the UK's support of Israel in the Gaza conflict.

The ICO has confirmed a data breach from Kent councils.  The breach was reported by three Kent councils who share the same IT support provider.  Canterbury, Dover and Thanet councils continue to be hampered by the disruptions of onlines services following a cyber incident.

While we think every day is important to consider your security around your passwords, there's no harm in highlighting the importance of security and best practice.