With regular headlines about schools falling victim to cybercrime, there is increasing pressure to ensure that governors and school leaders have appropriate controls in place to protect their school. With this in mind, LGfL has developed the Elevate Cybersecurity Toolkit for Schools.
Cybersecurity Policy Template
This cybersecurity policy should complement schools existing social media and acceptable use policies. The policy outlines the school’s guidelines and security provisions that are there to protect its systems, services, and data in the event of a cyberattack.
Incident Response Plan
If your school is unfortunate enough to fall victim to a ransomware attack, or any other kind of unforeseen outage it needs a plan for how to recover. This Incident Response Plan can be used as a starting point for planning how you would recover.
Example Risk Register
This example risk register can be used to Assess, Evaluate, Prioritise and Manage cybersecurity risks. It is a great tool to help support how schools report to governors on how they are proactively managing risks and improving their cybersecurity.
Example Asset Register
It sounds obvious, but it’s impossible to be secure if you don’t know what you have. This asset register can be used as a starting point to inventory the equipment used in your school.
Example Software Register
In the same way that you can’t be secure if you don’t know what equipment you have, you also need to know which software and systems hold confidential information. This software register can be used to record which software/systems you have and whether they hold confidential information. It can be used to complement the Incident Response Plan for prioritising the recovery of services.