Cyber Security and E-Safety Event - 23 January 2019 - Smart ICT 4 Schools
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Cyber Security and E-Safety Event 23 January 2019 Presented in Partnership with East Riding of Yorkshire Council & KCOM East Riding KCOM Paul Johnston, ICT Manager Terry Kent, Product Manager David Cox, Security Manager Leanne Gill, Account Manager Sue Bottomley, School ICT Support Team Leader
Agenda • Introduction • Official Facts & Stats • Internet Safety Checklist For Young Children • Social Media – Know The Rules! • The Power Of Image • Sexting • Who to contact if you are concerned about your child’s online activity • Useful and important links Information provided in this document is provided by the NSPCC & internetmatters.org
Official Facts & Stats 31% of 7-11’s said mean comments stop them enjoying time online (internetmatters)
Internet Safety Checklist for young children Agree Boundaries •Be clear what your child can and can’t do online – where they can use the internet, how much time they can spend online, the sites they can visit and the type of information they can share. Agree with your child when they can have a mobile phone or tablet Explore Together •The best way to find out what your child is doing online is to ask them to tell you about what they do and what sites they like to visit. If they’re happy to, ask them to show you. Talk to them about being a good friend online. Put Yourself In Control •Install parental controls on your home broadband and any internet-enabled devices. Set up a user account for your child on the main device they use and make sure other accounts in the household are password-protected so that younger children can’t access them by accident. Stay Involved •Encourage them to use their tech devices in a communal area like the lounge or kitchen so you can keep an eye on how they’re using the internet and also share in their enjoyment. Talk To Siblings •It’s also a good idea to talk to any older children about what they’re doing online and what they show to younger children. Encourage them to be responsible and help keep their younger siblings safe. Search Safely •Use safe search engines such as Swiggle or Kids-search. You can save time by adding these to your ‘Favourites’. Safe search settings can also be activated on Google and other search engines, as well as YouTube. Check If It’s Suitable •The age ratings that come with games, apps, films and social networks are a good guide to whether they’re suitable for your child. For example, the minimum age limit is 13 for several social networking sites, including Facebook and Instagram. Although sites aimed at under- 10s like Moshi Monsters and Club Penguin also have social networking elements. Use Airplane mode •Use airplane mode on your devices when your child is using them so they can’t make any unapproved purchases or interact with anyone online without your knowledge
Know The Social Media Applications – How old do you have to be? 13 14 16 17 18 NOTE! Most, if not all of these platforms have private messenger services which could be available as separate applications
Summary • Take an interest in your child’s online activity, ask them to show you what they’re doing and who they’re talking to • Have agreed times for online activities • Encourage your children to do something different away from the internet (vary their activities) • Try to keep your child's online activity in your view e.g. main living area of your home • Make sure you have security installed on your connected devices • Be aware that not everybody online is who they say they are
Useful Sites • https://www.thinkuknow.co.uk • https://www.internetmatters.org • https://www.nspcc.org.uk/preventing-abuse/child-abuse-and- neglect/online-abuse • https://www.ceop.police.uk/safety-centre/ • https://www.kidpower.org • https://www.gov.uk • http://www.safetynetkids.org.uk • https://www.getsafeonline.org/safeguarding-children/
Cyber Security Presented by: Dave Cox Security Manager East Riding of Yorkshire
Cyber Security Agenda • Motivation of cyber-attackers • Cyber Threats facing Schools • Motivation of cyber-attackers • Impact of a cyber breach • Assessing current cyber risk, can this be reduced? • Cyber questions you should be asking your IT dept / supplier • Continuous Journey
Motivation of a cyber-attacker • What makes our school an appealing target? • Hackers could see teachers and parents as a “soft target” since they are often ill-equipped to deal with cyber thefts, while sensitive data held by schools - such as children’s medical records - are lucrative on the dark web. • Schools hold interesting information and often quite sensitive information. That means they are a target. • There has been certainly an increase in ransomware and malware attacks. Hackers are looking for any opportunity they can exploit, they are looking for soft targets. • Not all attacks however are targeted
Cyber Threats facing Schools • Phishing Phishing emails are messages that appear to come from trustworthy sites or figures of authority attempting to get the recipient to send personal or financial information. • Ransomware Education is a sector that is regularly targeted with ransomware: Fortinet 2017) 5.9% of government organisations 3.5 % of healthcare organisations 13% of educational institutions • Ransomware is a form of malware that encrypts files until a ransom has been paid and is typically disseminated through malicious links or attachments to emails, which is why schools should employ a secure email gateway. • Distributed denial of service (DDoS) DDoS attacks are used to halt operations by flooding a school’s bandwidth with requests, causing the system to slow or crash, thereby keeping students, staff, and faculty from accessing the network. As schools have increased their digital, DDoS attacks have the ability to hamper every aspect of online operations.
Impact of a breach • What are your “crown jewels”? • What are the potential impacts if our “crown jewels” were accessed by a cyber-attack? How likely is a breach? • When, not if !
What is the current level of cyber-risk and can this be reduced? • Take Ownership at Senior Level: • Establish a strong online perimeter: • Update content filters, constantly: • Establish solid access control policies: Technic • Ensure secure configuration and patch al control management: s Policy • Monitoring and incident management: Control s Physica • Invest in cybersecurity and online safety l Control education: s • Don’t forget physical security Data & • Consider personal devices: Assets
Cyber Questions you should be asking • How will data be backed up, will this be encrypted? Where will data be stored? • Will regular vulnerability tests be conducted? • Are your systems and devices patched and licensed correctly • Who has access to the data and do the control mechanisms in place meet your IT security policy or standards? • What recovery arrangements are in place in the event of an IT infrastructure incident? • Are your staff cyber aware? • Do you enforce secure passwords, are users reviewed regularly? • What is the Anti-Virus and Anti-Malware product used on your devices
Continuous Journey • IT security is a never ending journey PLAN DO • Technical, Physical and Policy controls are required to mitigate risks ACT CHECK • Prevention is a goal, Detection is a must
SmartICT4Schools Partnership Website: www.SmartICT4Schools.com
You can also read