Several countries have pledged never to pay cyber criminal ransoms and to collectively work toward disrupting their financial systems.  The members affirmed their joint commitment to building their collective resilience to ransomware.  They will share data on ransomware perpetrators and techniques and establish a blacklist of information about digital wallets used to facilitate rasomware payments.

Google have recently published some guidance to help IT admins meet the DfE digital and technology standards in schools and colleges.  The guidance takes all of the standards in the Meeting digital and technlogy standards in schools and colleges document and offers advice around the use of Google products in applying the standards.

The NCSC has recently published an article about creating resistant cloud backups as a way to be more resistant to the effects of destructive ransomware.

We all know that backups are an essential part of an organisation's cyber strategy and making regular backups is the most effective way to recover from a destructive ransomware attack, where an attacker's aim is to destroy or erase a victim's data. 

The NSA and CISA Red and Blue teams recently shared the top ten cyber security misconfigurations.  The schools we have worked with that have suffered a cyber attack often find that there are configurations, upgrades or user access controls that were missed.  This advisory highlights all of those and more - these are not in-depth configurations, but often ones that are set up incorrectly and then not checked or updated as time goes by. Although the advisory is aimed at larger organisati

During our data walks we are looking at data breach risks, in terms of 'Who has access to what data?'.  As part of our walk we may ask who has access to the school other than the employees and children attending, for example, Lettings.  As Lettings usually occur outside of the school working day, physical security can be overlooked or not thought about and so raises the risk of a data breach.  This article is launching our Lettings Checklist for schools which is shown at the end o

Recently the ICO reprimanded a company that suffered a ransomware attack.  The attack resulted in a data breach - learning lessons from real-life incidents is a valuable way to promote knowledge sharing and improve.

The UK Online Safety Bill became law on Thursday 26th October.  The UK Government says the Online Safety Act will protect people, particularly children, on the internet.  The Act should make social media companies keep the internet safe for children and give adults more choice over what they see online.  Ofcom will immediately begin work on tackling illegal content and protecting children's safety.

Moving MIS is a daunting task and is no small undertaking for a school. Moving to the cloud from a legacy system means that there are cyber security benefits but may be something new to your organisation. There is often the assumption that the new MIS porvider will seamlessly migrate the data for you, however there is a considerable amount of work that the school must do beforehand in order to make this happen.  This article provides some practical guidance and considerations.

We previously reported on some schools that had sufferred ransomware attacks, namely Thomas Hardye in Dorset.  It has since been discovered the attack was by the hacker group that goes by the name "Rhysida".  
The attack methodology used was by exploiting a known vulnerability in PaperCut.  Other schools have reportedly suffered the same attack from the group.

Computing Magazine recently reported about the ICO reprimanding seven organisation for domestic abuse breaches in the last 14 months.  A collection of public bodies, charitable organisations, law enforcers and lawyers have made personal data slips when handling domestic abuse cases in the last year, showig abusers where to find their victim is hiding.

Here's a little-used function on the Knowledge Bank.

Did you know that you can record offline training events? For example group face-to-face training sessions? Here's how.

As we have seen an increase in the number of cyber attacks on schools we wanted to highlight a white paper that has been produced by the National Cyber Security Centre (NCSC), part of GCHQ and the National Crime Agencey (NCA).  The UK is currently a high value target for cyber criminals, not just in terms of business but against the UK citizens as well.

We've added a Data Protection Officer badge for your website, or to print out!

These can be used to demonstrate your commitment to compliance with data protection legislation and best practice.

The ICO have published a 10 step guide to sharing information to safeguard children or young people from physical, emotional or mental harm. 

The new guidance addresses concerns from organisations and frontline workers that may be scared to share information for fear of falling foul of data protection law.

A number of schools have recently been victims of cyber attacks, some of whom we have been working with to determine the extent of the data breaches. 

The current attacks seem to be directed at secondary schools causingsome to close for a week or work on reduced hours, while systems and data are recovered.

We wanted to highlight an organisation called the National Cyber Resilience Centre Group which consists of nine regional centres in the UK that were set up to strenghten the reach of cyber resilience across the business community.

A coalitiion of police, government, large employers and organisations and academia are supporting the growth of the Cyber Resilience Centre Network.

The ICO has recently published new guidance about bulk email communications following a number of data breaches caused by the incorrect usage of CC and BCC (carbon copy and blind carbon copy). 

Emails sent to the wrong person or emails copied rather than blind copied to customers/parents are the most common data breaches seen and are often because someone is rushing or under pressure.

The time following a cyber attack can be very stressful, and in the heat of the moment it can be difficult to know what the best thing to do between working out what went wrong, how to recover and what went missing, it can be hard to know where to start first.

We provide some help and guidance in our Information and Cyber Security Best Practice Area, which also includes the checklist:  document What to do immediately after a Cyber Attack(58 KB) .

We've created a model Social Media Policy.  The policy outlines guidelines and expectations for the use of social media platforms by individuals and employees associated with an organisation. 

The primary aim of the policy is to ensure responsible, respectful and effective use of social media while protecting the organisation's reputation and interests.

Are you looking for some data protection training for your inset day(s) at the start of term?  Here are some ideas about how to raise awareness around data protection and cyber security for your staff. 

The training should be relevant, accurate and up to date. 

Microsoft has recently announced the planned retirement of the Microsoft A1 Licenses for Education.  According to Program Updates in Microsoft 365 for Education page the main reason is to limit storage.  Free, unlimited storage plans have become prohibitive and have become a large vector for security risks and fraud. 

We've produced a document to provide help and guidance in the event of a cyber attack.  The document is part of our Information and Cyber Security Best Practice Area and covers:

This document gives a list of who to contact and what to do just after a cyber attack.  It covers:

For those outside the computing world, it feels as though AI (Artificial Intelligence) has suddenly appeared and having a huge impact on the rest of the world.  Artificial intelligence is intelligence demonstrated by computers, as opposed to human or animal intelligence.  'Intelligence' encompasses the ability to learn to reason, to generalise and to infer meaning. 

The Information Commissioner's Office have recently put Leicester City Council forward as an FOI (Freedom of Information) best practice example. An FOI refers to a request under the Freedom of Information Act. The Act allows any individual or organisation to make a request to a public authority for information they have recorded. 

Surrey Police are investigating a fraud and computer misuse allegation at AQA, England's largest exam board which follows the recent data breach reported by Cambridgeshire Policy into a data breach with the exam boards at OCR and Pearson. Full article: AQA also hit by exam paper cyber attack.

This article was originally published in January 2023, but has been updated with some additional information, following further ransomware attacks on schools in the UK. Highly confidential documents from 14 schools in the UK have been leaked online by hackers.  The Vice Society has been behind a high-profile string of attacks on schools across the UK and the USA in recent months.

If you are a group of organisations such as a multi academy trust and a member of the central team,  it can be useful to view all of the organisations/schools and the main organisation/trust details all at once in several of the Knowledge Bank pages to give an overview.  When your organisation are added into the Knowledge Bank, we will have tagged them all appropriately.

Here's a little fun. It's our not-so-good friend Harry the Hacker. He's all over the place...can you find him?

This article is one in a series of articles about raising cyber awareness in an organisation.  We visit a number of organisations through our data walks and often discuss the use of USB sticks with staff and are told that they are not allowed.  Yet we will see them in use during the walk.  A verbal/written policy is not the same as prevention and detection.  This article will discuss methods for detection and why.

This article is about cyber insurance in the public sector, particularly in relation to schools.  Cyber insurance is a special type of insurance intended to protect businesses from internet-based risks, and more generally risks relating to information technology infrastructure and activities.  It is also known as cyber liability insurance or cyber risk insurance.