In this edition of cyber news roundup, we’ll be looking at the continuing cyber threat to health and education sectors, the risks that app stores pose to users, and 2021’s most exploited vulnerabilities.

There has been a new report published on the use of biometric data in schools. The report is entitled ‘The State of Biometrics 2022: A Review of Policy and Practice in UK Education’, and you can find the full report by clicking here. 

Amazon’s latest entry into the smart home device technology is their Astro bot, which they describe as:

“The household robot for home monitoring, with Alexa. When you're away, use the Astro app to see a live view of your home, check in on specific rooms and viewpoints, and get activity alerts. When you're home, Astro can follow you from room to room playing your favorite music, podcasts or shows, and find you to deliver calls, reminders, alarms, and tim

The Record of Processing can often seem like a daunting process to undertake- but it’s important to view it as exactly that- a process. Documenting the processes your organisation carries out is an ongoing project that you continue to evolve and develop as those processes change. The value you can get out of spending some time and care by completing various ones shouldn’t be underestimated. We’ve spoken to some of the people who have used the RoP tool on the Knowledge Bank, and asked th

In April's Cyber News Update, we take a look at breaches that have impacted Funky Pigeon and WhatsApp, as well security updates and cyber threat advice.

The Department for Digital, Culture, Media and Sport have recently published their annual report from their Cyber Security Breaches Survey. As part of this, they have also published a report which looks at educational institutions in particular.

2022 Security Breach Report Published

The Cyber Security Breaches Survey for 2022 has recently been published by The Department for Digital, Culture, Media and Sport- the full version of which you can find by clicking here.

VPN’s have become commonplace over the past couple of years, with every content creator out there having at some point been sponsored by Nord VPN (other VPN providers are available). VPN's are mostly used so that we can watch content on streaming platforms that would otherwise be blocked in the UK. However, as well as allowing you to watch Pulp Fiction on Canadian Netflix, VPN’s have excellent security benefits that can help prevent data breaches and cyber attacks. 

Organisations in Ukraine are the target of Destructive Malware

Agencies in the US and Australia have published alerts in response to a recent increase in cyber threats to organisations in Ukraine, stating that organisations should take steps to mitigate the threat that currently exists from destructive malware.

Data Protection Education are leading specialists in Data Protection for Schools and Trusts, with the key service that we offer being a Data Protection Officer (DPO) service. Under UK GDPR, Public Authorities or Bodies, as well as businesses carrying out certain processes are required to appoint a Data Protection Officer (DPO). But what does a DPO do? What value do they bring to an organisation, and how do we help you stay data protection compliant?

Read more …

Recently there has been an annual study published by Ponemon Institute (sponsored by Experian) entitled “Is Your Company Ready for a Big Data Breach?”. The study looks at the state of breach preparedness across organisations over a period of a year,

When we talk about information security and cybersecurity, those that write about this area can often use complex and technical terms, assuming that the reader has the required knowledge to fully understand what those terms mean.

Microsoft Azure Breach Leads to Student Data Exposure 

Researchers and Clario published a report which outlined how an open Microsoft Azure repository indexed by a public search engine which needed no authentication had been found.

It’s been far too long since we’ve checked in with Facebook (now Meta), and their ongoing mission to make as much money as possible from our data, so we thought we would discuss the Metaverse, with Mark Zuckerberg’s company being at the forefront

The NCSC has provided some insight and guidance changes on Security practices in the past week which will be the topic of this week’s cyber update. Below is a summary of their guidance, with some additional resources.

The 1st of January, the 25th of December, and the 28th of January- the three biggest dates in the calendar each year for being New Years Day, Christmas Day and of course, Data Privacy Day.

Retention of Child Protection Information is for 25 years from the DOB of the Pupil 

The Education (Pupil Information)(England) Regulations 2005 (SI 2005/1437 states that pupil records should be retained for 25 years from the date of birth of the pupil. 

With cyber threats increasing every month, we’ll be looking to provide weekly updates on the different cyber security threats that have taken place recently to highlight all the different ways in which our data can be accessed by those wishing to do harm.

At Data Protection Education, we are carrying out an ongoing project on assessing potential organisations that our schools are either currently contracted with to supply a product or service, or may in the future be in contract with.

With great power comes great responsibility and internet companies should be starting to appreciate and take more seriously the responsibilities they hold further to the publication of the report by the Joint Committee of the Houses of Commons and Lords on the Government's proposed draft Online Safety Bill of May 2021.

Email is the classic GDPR issue - it's not about the system where we store things, it's about the process and how that data is used. So ask yourself, what is the content of the email and what does it relate to?