Holiday Cheer or Cyber Fear? : Essential Pre-holiday Checks
Did you know there is an increase in cyber attacks on a long weekend? Long weekends and holidays are 'peak season' for hackers who exploit reduced oversight.
Why is the threat increased?
🚩 The Human Factor: increased phishing and remote access.
🚩 The Response Gap: delayed detection and lack of onsite staff.
🚩 The Criminal Edge: attackers no 'no one is home' and can work undetected.
According to the Cyber Breaches 2025 Report: phishing is still the most common form of cyber breach for businesses and education with staff training being the most preventative measure.
Improve Cyber Resilience: Pre-holiday Power Checklist:
🛡️IT Leads:
- Ensure multi factor authentication is set up on all critical systems and systems that give access to personal data.
- Have a cyber response plan which everyone has access to and knows who to contact if they suspect a cyber incident. Sometimes someone may pop into school to complete some work or try and access the network and find they can't. Staff should understand that if that every happens, then they should contact SLT/IT for further investigation.
- Remind staff about the dangers of phishing emails. Ensure staff know who to report any incidents to, especially if they have input any credentials.
- Limit systems that can be used outside of school and remotely. Ensure any remote access is closed down or extra secure and regularly review.
- Have a named contact in the event of an incident.
- Ensure you have a backup and backup plan, with a practised recovery.
- Ensure your systems are as up to date as they can be, so they are not open to known vulnerabilities.
- Where possible have some logging and monitoring software in place that will alert someone should your network come under attack. Design systems to they are able to detect and investigate incidents.
🛡️HR/Admin:
- If any staff are leaving, ensure you have collected equipment and removed their access to systems.
- Check with facilities/estates as to whether any contractors will be on site during the period and ensure devices, services and network cabinets are locked and secure.
🛡️All Staff:
- Report phishing and ensure everyone knows the 'emergency contact'.
🛡️Assign an SLT digital lead - this will help you meet some of the above criteria as they address the DfE Digital Standards. Review our website here: 👉 https://digitalstandardstracker.co.uk/
What to do in the event of a cyber attack:
If you suspect a security breach, timing is everything. The SLT Digital Lead should ensure the incident is reported immediately to:
-
Report Fraud: (The new national service replacing Action Fraud). Call 0300 123 2040 or visit
reportfraud.police.uk -
DfE Sector Cyber Team: Email
This email address is being protected from spambots. You need JavaScript enabled to view it. -
The ICO: Within 72 hours if personal data is at high risk.
-
The NCSC: Especially if the attack leads to school closures or major financial damage.
Other End of Term Guidance:
✅Subject Access Requests: We often see a rise in the number of Subject Access Requests received by schools at the end of term or at the end of the academic year -> Dealing with the SAR surge
✅ Checklists: Review our End of Term checklists: End of Term/Year Routines for Schools
Review our other Guidance for Schools and Data Protection about taking privacy precautions at the end of term: Navigating privacy at the end of term
Review physical security of the building:
document
DPE Model Physical Security Policy(179 KB)
Review the NCSC's 'A Guide to Ransomware'
Remember the cyber criminals will not be taking a holiday!