The education sector may not immediately stand out as a key target for cyber criminals but there has been a significant spike in threats to this sector, especially with ransomware attacks, but this is not the only concern.

Schools are perceived to be soft targets due to the low levels of cyber security some of them employ. They also hold sensitive personal data on staff, pupils and parents that can be valuable to attackers, and have financial assets and processes that can be exploited by criminals to steal money.

The ECRC has gathered some key tools and guidance from the National Cyber Security Centre (NCSC) and the The Education Network (NEN) specifically to help the education sector become aware of the current cyber threats and guide them in how to be more cyber resilient. Simply click on the headings for more information.

Free Tools to help build your cyber resilience

Education - Guidance

General Cyber Security Guidance for Schools

Provides Senior Managers and Governors with a broad overview of the range of online threats that an internet connection exposes their schools to, and directs them to tools which can be used to develop a robust cybersecurity policy to avoid or mitigate these risks.

Cyber Security:"What if?" Guide

A discussion about what to do if you find yourself caught up in a cyber incident.

Schools Checklist

Checklist to define and formalise the responsibilities of each part of the school community from SMT to teaching staff and pupils.

IASME Cyber Essentials for Schools

Cyber Essentials is a simple but effective, Government backed scheme that will help you to protect your school, whatever its size, against a whole range of the most common cyber attacks.

Tackling the Cyber Threat in Education

An excellent webinar from our sister site, East Midlands CRC, made specifically for the education sector can viewed below:

Non-technical free tools:

Questions for Governors & Trustees

Questions for the governing body and trustees to ask school leaders, to help improve a school's understanding of its cyber security risks.

Cyber Security Training for School Staff

The NCSC has produced free cyber security training to raise awareness and help school staff manage some of the key cyber threats facing schools.

Early Years Practitioners: Protect Settings

How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.

Membership with the Eastern Cyber Resilience Centre

Sign up for our free membership and receive our “Little Steps” emails giving easy to understand guidance about steps you need to implement to achieve Cyber Essentials. You can also access our a monthly newsletter, affordable student services and our Forum where you can meet other professionals with the same questions as yourself.

NCSC Cyber Action Plan

Learn how to protect yourself or your small business online with the Cyber Aware Action Plan. Answer a few questions on topics like passwords and two-factor authentication, and get a free personalised list of actions that will help you improve your cyber security. This is a great place to start your resilience journey and quickly identify areas that need improvement.

Incident Response Plan

To help you minimise the impact of a cyber-attack we have created a Cyber Incident Response Plan for you to use. Create a plan and then use Exercise in a box to test its effectiveness.

Exercise in a Box

These are online tools which helps organisations test and practice their response to a cyber-attack. There are a range of scenarios to encourage discussion about how your company would react, to allow you to understand if the right policies and procedures are in place.

If you are not comfortable with running this exercise yourself, your local police protect officer can guide you through this for free and our affordable student service can conduct a policy review beforehand to ensure you are in the best place.

NCSC Board Toolkit

Boards are pivotal in improving the cyber security of their organisations. The Board Toolkit has been designed to help board members get to grips with cyber security and know what questions they should be asking their technical experts.

NCSC Cyber Security Training for Staff

Your staff are your first line of defence against a cyber-attack. The NCSC has developed an e-learning training package ‘Stay Safe Online: Top Tips for Staff’ to help educate your staff on a range of key areas including phishing, using strong passwords, securing your devices and reporting incidents.

Technical free tools:

Police CyberAlarm

The Police CyberAlarm is useful to help your business understand and monitor malicious cyber activity. Police CyberAlarm acts like a "CCTV camera" monitoring the traffic seen by a member's connection to the internet. It detects and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. Vulnerability Scanning can be added and used to scan an organisations website and external IP addresses.

Early Warning

This is a NCSC service that sends you high level alerts, in daily and weekly summaries, based on your IP and domain names, containing:

• Incident notifications suggesting an active compromise of your system. This might be a host on your network being infected with malware.
• Network Abuse Events suggesting your assets have been associated with malicious or undesirable activity. This might be a client on your network found scanning the internet.
• Vulnerability and Open Port Alerts suggesting vulnerable services running on your network, or undesired applications are exposed to the internet. This might be an exposed Elasticsearch service.

Mail Check

Assesses email security compliance, helping implement anti-spoofing controls (SPF, DKIM and DMARC) and email confidentiality (TLS).

Web Check

Web Check provides regular automatic scan of your website and alerts you to common website security issues and advises on how to fix them. This can be used in conjunction with vulnerability testing by our affordable student services.

You might ask what the difference between Web Check and a vulnerability test is. Our vulnerability assessment uses the OWASP methodology which is regularly reviewed for the top ten most common threats to web applications. Students use automated as well as manual tests to investigate the different processes such as looking at what file uploads were permitted.

NCSC Scanning Made Easy

This is a collection of NMAP Scripting Engine Scripts, designed to help system owners and administrators find systems with specific vulnerabilities. The script will output simple-to-read results including a description of the vulnerability and a link to the vendor security advisory. Running this script often and following the linked vendor advice will help to keep your network secure

Affordable services

Ok, these aren’t free, but they are affordable, and we do mean affordable. We want every company operating to be able to access essential cyber resilience services.

We work with local universities to identify students who have the skills and aptitude to work in the cyber industry. They are trained and mentored by senior ethical hackers to be able to deliver these services.

Our students get amazing real-world experience, while your company gets an amazing service from students who are enthusiastic and dedicated to getting it right.

All the services are bespoke to your company, so pricing is based on what you need. You can a free, no obligation quote so you can see how affordable our services are. Why not contact us to find out more?

Further guidance & support

The Eastern Cyber Resilience Centre is a not-for-profit organisation, run by policing, with the intention of increasing cyber resilience of SMEs within the East of England.

Our members can benefit from a range of services, from helping you improve your cyber resilience through our “little steps” programme to being notified about the threats relevant to you.

Why not join our community today?

Reporting a live cyber-attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a cyber-attack which isn't ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Report a phishing attack

If you suspect a phishing attack, please report it to the Suspicious Email Reporting Services (SERS) set up by the NCSC at: report@phising.gov.uk

Text messages can be forwarded to 7726

Policing led – business focused.