CICT addresses cyber security issues in public schooling sector
Commercial ICT (CICT) is making a positive impact in the public schooling sector with a recent project entailing the comprehensive overhaul of a Gauteng school’s IT security.
According to Forbes, cyber attacks in the education/research sector are up by 75% and Checkpoint says "education and research was the most targeted sector, with organisations facing an average of 1 605 weekly attacks".
Shane Rheeder, Business Lead at Commercial ICT, says the IT security issues at the school became apparent after an extensive assessment and audit of its current cyber security was undertaken by CICT. “We were able to hack into the system from a location outside the school with relative ease. This is clearly a less than ideal situation for schools to be in, given the rapid increase in cyber attacks.
“We moved onto site in early May to conduct the assessments and review and presented our findings to the headmistress, teaching staff and key members of the school governing body in a report that outlined all vulnerability exploits,” adds Rheeder.
Rheeder points out that the CICT team met with all teachers and, after introducing the company and its capabilities, provided them with general training on awareness of cyber security and hacking.
“They were blown away with our knowledge and positively engaged in the open discussion surrounding hacking and e-mail phishing. We will be running more frequent IT security workshops with the school to ensure we educate and upskill the school on all types of hacking and how to combat the resilient phishing attacks in the country.”
CICT offered the school the option of continuing with their current system provider or allowing CICT to take over the full service level agreement. They agreed that the latter option was the best for their future needs, and CICT now has representation on site on a full-time basis. “Under the SLA, we have transferred the entire network to our servers, allowing us to ensure that the school’s IT integrity is protected through improved cyber security resilience,” says Rheeder.
The scope of work entails using and securing the current 500K network architecture with the addition of FortiGate software for firewall protection and Sophos anti-ransomware software. “In addition, we conducted internal penetration and external penetration testing; and changed the policies, rules and procedures to ensure maximised cyber security in the future. Finally, we are currently writing an ISO 27001 compliance policy document in both a hard copy and electronic format that will ensure the school’s compliance with POPIA.”
Rheeder says CICT effectively took over the full SLA on 1 June and is in the process of making all the required security changes. “The school representatives are thrilled with the proposed security changes and look forward to a stable and secure network. Feedback indicates that they have seen substantial improvements in the overall effectiveness and efficiencies of the system, which has had a positive impact on the school. They noted that most noticeable is the overall improvement in the support and turnaround time on support requests,” says Rheeder.