When it comes to cybersecurity, it’s easy to feel like you’re facing a moving target. For schools and kura, the challenge isn’t just keeping up with evolving threats – it’s knowing where to turn for support. While systems and tools play a key role, it’s people who make the biggest difference.
Keeping ākonga safer and more secure online is a shared responsibility. Effectively addressing cybersecurity risks requires collaboration between schools (including boards, kaiako and ākonga), IT and technology providers like Google and Microsoft, and N4L, all working together to minimise the risks.
Meet the Cybersecurity team at N4L
At N4L, we have a team of security experts to help you navigate cybersecurity risks. The team watches for online threats, warns schools if something looks suspicious and helps fix issues quickly. While we have a range of security tools available, our team provides an extra layer of security for schools and kura.
We’ve also partnered and integrated with the National Cyber Security Centre’s (NCSC) Malware Free Networks® (MFN) Service and Phishing Disruption Service™ (PDS), which further strengthens our cybersecurity protection.
“The scale of the N4L Security Operations Centre is already significant, processing over 300,000 events per second across the Managed Network, and these new services are now making it even more powerful to help protect schools and kura,” says Hayden Brown, N4L’s Head of Security Operations.
To help you understand how they work, let’s take a look at a typical day for our Security Analysts and the helpful advice they have for schools and kura.
A day in the life of a Security Analyst – staying one step ahead
The work of a Security Analyst is part detective, part engineer and part communicator. It combines problem-solving, tech skills and the chance to help others.
“I love that I’m doing work that matters. Every day is different and it’s rewarding to know I’m helping to keep schools and kura safer online”, says Mehak Telwar, Security Analyst.
A typical day of a Security Analyst includes:
- Checking alerts for unusual activity using multiple tools such as the SIEM (short for Security Incident and Events Management) and firewall logs.
- Investigating signs of potential cyber threats across all school networks, such as phishing, malware and Business Email Compromise (BEC).
- Contacting schools and kura if something doesn’t look right.
- Monitoring systems using advanced tools such as SIEM, firewall and Email Protection.
- Updating detection rules to stay ahead of new threats.
Not every alert signals a serious threat. The team relies on their skills and experience to separate real risks from the noise.
There are many paths into cybersecurity, whether through an undergraduate degree, a diploma, globally recognised certifications, hands-on work experience, or a combination of these. Every job is different, and while a background in security or networking is valuable for this role, much of the learning also happens on the job and alongside peers. “The more we monitor and investigate alerts, the more we grow our knowledge and expertise”, says Mehak.
What happens when a threat is detected?
Some threats need deeper investigation. That’s when the team dig into the details. This might involve:
- Reviewing system logs to look out for any potential threats or suspicious data that may need more investigation.
- Checking threats against global databases.
- Working with the impacted school’s IT provider.
If it’s serious, like a phishing attack or a malware infection, our team acts quickly to limit any harm.
“If there’s a high priority incident, like a BEC or major attack, we’ll reach out to your school straight away by phone and email”, advises Security Analyst, Sithara Fernando.
Sithara also has a reminder: “Make sure your principal, IT lead and office staff know what to do and who to contact. The faster we can respond, the better we can protect your data.”
If a contact can’t be reached, the team will escalate through your N4L Relationship Manager and guide you through the next steps. In some cases, you may also need to notify the Privacy Commissioner and your security insurer.
Proactive prevention
The team doesn’t just wait for threats, they actively look for them and improve defences. This includes running threat hunting exercises and creating new threat detection tools. Cybersecurity is always changing. There’s always a focus on continuous improvement.
Cybersecurity tips for schools
Here are some simple wins to help with the cybersecurity posture of your school. Security Analyst, Ankita Tripathi, has valuable advice that every school should take onboard:
- Strengthen password security: “Encourage staff and students to use strong, unique passwords – and never share them. A password manager can help.”
- Turn on Multi-Factor Authentication (MFA): “MFA adds an extra layer of protection. Even if someone guesses your password, they won’t get in without your second form of ID.”
- Create a simple incident response plan: “Make sure everyone knows what to do if something suspicious happens, who to tell and how to report it.”
Need support? We’re here for you
Educate kaiako and ākonga to report any cybersecurity incidents. If you have questions or think something might be wrong, reach out to our Customer Support team on 0800 532 764 or email [email protected] – who will connect our Security team with your school. If we can’t help, we’ll engage with other appropriate organisations accordingly. Even if you’re unsure, we’d rather you reach out early, as it’s always better to be safer than sorry.
Read more about how N4L helps schools and kura stay secure online here. Want to see more stories like this? Subscribe to our updates.