We recently met with Daniel Sykes, the Cyber Crime Protect and Prepare Office for the South East Cyber Resilience Centre, to ask
about how their services can help small businesses, schools and multi academy trusts.
The South East Cyber Resilience Centre is a police-led partnership with academia and businesses aimed at improving cyber resilience in businesses across the South East of England. The areas covered by this centre are: Thames Valley, Oxfordshire, Berkshire, Buckinghamshire, West Sussex, East Sussex, Surrey, Hampshire, and the Isle of Wight.
What does this mean for small businesses, schools, colleges and MATs?
It means that you can get free help and advice, including training from this organisation. They offer free webinars:Cyber Security for Humans
but will also do free either in person or online cyber training for staff. If you are in the south and would like to contact Daniel for some staff training, his details are (he requires 20+ people for onsite training):
Daniel Sykes (CISMP)
Cyber Crime Protect and Prepare Officer
Cyber Crime Unit
Surrey and Sussex Police
Force Mobile – 07971337166
We asked Daniel what should we be advising schools to do who are unclear about where they are with their cyber strategy?
He recommended installing and setting up the Police Cyber Alarm which is a free tool to help you understand and monitor malicious cyber activity against your network. The Cyber Alarm can help you help the police check your systems and advise you on anything suspicious. It can help the police understand what threats there are and identify any repeated patterns or trends on particular services. The Police Cyber Alarm had a poor reputation amongst schools when it was first released, but is now recognised as a tool to help organisations safely monitor their networks at no extra cost. A report is provided, which is also useful in preparing for future cyber resilience.If you are an organisation in the South East of England and would like to benefit from these and more resources, their website is here: The South East Cyber Resilience Centre
If you are an organisation that doesn't know where to start with their cyber security plan, then start by looking at their: Cyber Workout Plan
Information about the other Cyber Resilience Centres:
Cyber Resource: The Cyber Resilience Centre Group
How resilient is your organisation?
(An example of the kind of question to ask is below). If you are a school or MAT are you checking in with the DfE Digital Standards for schools and colleges?What to do in the event of a Cyber Attack
Tell someone! Report to IT. Report to SLT.Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off. Isolate the infected device and pass to IT
If you are a victim of a ransomware attack we would recommend reporting this to:
Action Fraud: https://www.actionfraud.police.uk/ as well as your data protection officer so they can advise about the data loss or your local police and ask for the cyber crime team or phone 101 and ask for the cyber crime team.
Most cyber crimes like these will also need to be reported to the ICO by your data protection officer. Our customers should email
These incidents should also be reported to the DfE sector cyber team at
Academy trusts have to report these attacks to ESFA.
Where the incident causes long term school closure, the closure of more than 1 school or serious financial damage, you should also inform the National Cyber Security Centre.
Always ensure there are backups you can restore from. Preserving evidence is as important as recovering from the crime.
Forward suspicious emails to