• 0800 0862018
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Mon - Fri 8:00 - 17:00
A digital city with a dome around it showing protection, a white padlock at the top. Cyber resilience in white text. Data Protection Education DPO badge

The NCSC has recently published an article about creating resistant cloud backups as a way to be more resistant to the effects of destructive ransomware.

We all know that backups are an essential part of an organisation's cyber strategy and making regular backups is the most effective way to recover from a destructive ransomware attack, where an attacker's aim is to destroy or erase a victim's data. 

Be cyber aware in orange text on a blue background above a blue mobile phone, blue key store, blue key and a blue shield with a green tick inside it.

The NSA and CISA Red and Blue teams recently shared the top ten cyber security misconfigurations.  The schools we have worked with that have suffered a cyber attack often find that there are configurations, upgrades or user access controls that were missed.  This advisory highlights all of those and more - these are not in-depth configurations, but often ones that are set up incorrectly and then not checked or updated as time goes by. Although the advisory is aimed at larger organisati

Lettings and Best Practice in Blue text, hand dangling a bunch of keys. Data Protection Education DPO badge in the bottom left

During our data walks we are looking at data breach risks, in terms of 'Who has access to what data?'.  As part of our walk we may ask who has access to the school other than the employees and children attending, for example, Lettings.  As Lettings usually occur outside of the school working day, physical security can be overlooked or not thought about and so raises the risk of a data breach.  This article is launching our Lettings Checklist for schools which is shown at the end o

Childrens hands showing their palms each with a letter from the word 'Safety'. Blue text: "Online Safety Act Becomes Law"

The UK Online Safety Bill became law on Thursday 26th October.  The UK Government says the Online Safety Act will protect people, particularly children, on the internet.  The Act should make social media companies keep the internet safe for children and give adults more choice over what they see online.  Ofcom will immediately begin work on tackling illegal content and protecting children's safety.

  1. October is Cyber Security Awareness Month: 16. Access Control (Wi-Fi/Network access)
  2. October is Cyber Security Awareness Month: 15. Access Control (working from home/off site)
  3. October is Cyber Security Awareness Month: 14. Access Control (MFA)
  4. October is Cyber Security Awareness Month: 13. Awareness
  5. October is Cyber Security Awareness Month: 11. Policies and Procedures
  6. October is Cyber Security Awareness Month: 12. Training
  7. October is Cyber Security Awareness Month: 10. Assess where you are with cyber security
  8. October is Cyber Security Awareness Month: 9. A guide for education providers
  9. October is Cyber Security Awareness Month: 8. How can your school prevent Ransomware attacks?
  10. October is Cyber Security Awareness Month: 7. What does a Ransomware attack on a school look like?
  11. Considerations when migrating to a new MIS
  12. October is Cyber Security Awareness Month: 6. Cyber Action Plan
  13. October is Cyber Security Awareness Month: 5. Responsibilities
  14. October is Cyber Security Awareness Month: 4. What to do in a cyber attack
  15. October is Cyber Security Awareness Month: 3. Data Security
  16. October is Cyber Security Awareness Month: 2. Privacy Protection
  17. October is Cyber Security Awareness Month: 1. Why is cyber security important?
  18. The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
  19. Public bodies and sensitive data
  20. Adding offline bulk training using the Certificates function
  21. Ransomware, extortion and the cyber crime ecosystem
  22. ICO: 10 Step guide to sharing information to safeguard children
  23. Schools under Cyber Attack: September 2023
  24. Cyber Resource: The Cyber Resilience Centre Group
  25. Schools and Trusts Best Practice Area
  26. Email and Security: ICO recent guidance
  27. Help after a Cyber Attack/Incident
  28. Social Media Policy
  29. Data Protection and Cyber Security (Inset Day) Training Ideas
  30. Changes to Microsoft Free Licensing for Schools
  31. What to do in the event of a Cyber Attack
  32. Cyber Crime: AI Generated Phishing Attacks
  33. Handling Freedom of Information Requests the right way
  34. Cyber Attack: Exam Boards
  35. VICE SOCIETY - Ransomware attacks on schools
  36. Using Tags if you are a group of organisations in the DPE Knowledge Bank
  37. Where's Harry the Hacker?
  38. Be Cyber Aware: USB Sticks
  39. Cyber Insurance in the Public Sector
  40. Types of Cyber Attacks: DDos Attack (Microsoft DDoS Attack in June)
  41. Cyber Attack: Manchester University
  42. Cyber Attack: Leytonstone School
  43. The ICO Reprimands a school
  44. Be Cyber Aware: Firewalls
  45. Subject Access Requests (SARs)
  46. Be Cyber Aware: Cyber attacks and transparency. A no blame culture
  47. Cyber Attack: Dorchester School
  48. Knowledge Bank Role Types: Admin, Staff and Trustee
  49. Types of Cyber Attacks: Password Attacks
  50. Be Cyber Aware: Why regular software updates are important
  51. Cyber Security Breaches Survey 2023
  52. World Password Day - May 4th
  53. Cyber Attack: Wiltshire School
  54. Keeping your IT systems safe and secure
  55. Types of Cyber Attacks: DDoS Attacks
  56. Types of Cyber Attacks: Phishing
  57. Types of Cyber Attacks: The Insider Threat
  58. Why your data is profitable to cyber criminals
  59. Using WhatsApp in Schools
  60. The Changes to Data Protection in the UK
  61. Knowledge Bank Updates
  62. Types of malware and how they are linked to data protection
  63. Striking Data Breach
  64. Windows Server 2012 & 2012 R2 Retirement
  65. How to contact us for support, subject access requests, data breaches and FOI's
  66. YouTube breached child protection laws
  67. How a school fought back after a cyberattack
  68. Types of Cyber Attacks - Credential Stuffing
  69. January Cyber update - How Can Schools Help Prevent Cyber Attacks?
  70. End of Windows 8.1 Support
  71. Assigning courses to staff using to-dos
  72. How the Record of Processing Can Help You
  73. Information Security Basics: What are VPN's?
  74. What does a Data Protection Officer Do?
  75. Are you ready for a Data Breach?
  76. Blog: Best Practice on the Retention of Child Protection Information
  77. Carrying out Supplier Due Diligence
  78. Email and retention periods
  79. How Long Should You Keep Personal Data For?
  80. The Education sector now at highest risk of cyber attacks
  81. How to Assess your Data Security
  82. Schools Blocked from Using Facial Recognition Systems
  83. Sharing this year’s Nativity play online
  84. A quick introduction to the Phishing Simulation tool
  85. The Children's Code
  86. Recording vaccination of staff
  87. B&H FoI: Racist/religious incidents/bullying
  88. Cyber Attacks
  89. Protocol for Setting Up and Delivery of Online Teaching and Learning
  90. Class Dojo International Data Sharing
  91. Model Publication Scheme: Amendments, Improvements and Updates
  92. Child friendly privacy notices
  93. Transparency
  94. Parents and students covertly recording conversations
  95. SAR? ER? FOI?
  96. Secure file transfer of files using Royal Mail
  97. Emergency contacts and consent
  98. Key elements of a successful DPIA
  99. FOI Publication Schemes
  100. SHARE: Avoid disinformation online
  101. Best Practice for Managing Photos and Video
  102. New Drip Feeds: Recognise and Respond to Subject Access Request
  103. When to contact the Data Protection Officer?
  104. National child measurement programme
  105. Make sure DPE is your registered DPO with the ICO
  106. Compliance Manager released
  107. Headteacher fined for breach of data protection legislation
  108. Emails – good practice and minimising the risk of a data breach