Our top takeaways from May’s NCSC panel discussion held at CYBERUK 2021 on cyber trends, challenges and how to tackle the growing number of cyber threats.
After listening to some of the most qualified people at the National Cyber Security Centre reflect on cyber trends and the risks and challenges our country faces, if security isn’t towards the top of your school or MAT’s agenda, the below takeaways may well spur a shift in priorities when it comes to your cyber defences.
We know cybercrime has been on the increase for many years, however last year saw a surge in activity with a marked increase in the frequency and volume of attacks, the education sector being no exception. The NCSC is seeing different and new attacks from a full range of active adversaries; not just supply chain attacks but a growing number of cyber criminals and organised cybercrime groups. Online serious crime is on the rise.
Dr Ian Levy, Technical Director, NCSC suggests “threats are interested in what we do, because we allow them to do it.” The importance of demotivating adversaries cannot be stressed enough. Organisations need to have better systems and better technology in place to demotivate the adversaries.
Our change in use of technology during the pandemic massively increased the available threat surface; the increased use of platforms such as Teams and Zoom are an obvious example of this, together with an increase in the volume of emails and phone calls. The nation is gradually wising up to the threats, but the increase in volume means there is still valuable prey to target.
There is an increase in the sophistication of attacks too. And it’s here where your data is key. Data is exfiltrated from organisations and used for criminal gain. Jeremy Flemming, director of GCHQ describes our country’s data as the “crown jewels” and says they need protecting.
Risks to organisations are changing all the time. Complexities are constantly being added, very often without knowing it. The more complex our systems, the more opportunity there is for fraudsters, the more risk there is to the security of them.
The challenge for the country is to build an ecosystem so that the UK doesn’t become a target. The same challenge is true for schools and MATs.
Networks require full unified threat management systems that provide real-time protection. That includes protection against advanced persistent threats, intrusion prevention, anti-virus, Ransomware, email filtering and application control. The advice is to use layers of defence with several mitigations at each layer. To ensure your first layer of protection provides adequate defences, ask your security provider how often their systems are updated to protect against new threats. The Schools Broadband hosted Fortinet Firewalls and Unified Threat Management service for example, identify and contain new attacks in a matter of seconds.
The NCSC has created a useful video providing an overview of ransomware and how it can be deployed. It advises how to do a proper back-up as a means to mitigate the threat of ransomware. The session also gives an incident overview of how ransomware can affect an educational setting with a Q&A panel at the end that explores other cyber security tips and measures schools should be adopting.
To watch the full panel discussion click here: video session
For protection and advice on robust security infrastructures for your school or MAT contact us: 01133 222 333 | firstname.lastname@example.org