Prevent is part of the government counter-terrorism strategy. It’s designed to tackle the problem of vulnerable people being drawn into extremism.
This session will help you to understand what Prevent is, and how it will impact educational organisations – in particular FE and sixth form colleges.
2. The Cyber threat
We live in an inter-connected
world that we could not have
imagined even two decades ago
»While it brings almost limitless
opportunities, there are also
threats. It is absolutely vital
that the applications and
connections we use are as
secure as possible
2/03/2016
EdVaizey MP
Minister for culture and the digital economy
3. Cost of breaches continues to soar
2/03/2016 Prevent
‘Starting
point’
» for breach costs which includes elements such as business disruption,
lost sales, recovery of assets, and fines and compensation
£1.46m -
£3.14m
» is the average cost to a large organisation
» up from £600k - £1.15m a year ago
£75k - £311k
» is the average cost to a small business
» up from £65k - £115k a year ago
5. Computer Security Incident ResponseTeam
»Safeguarding your current and future computer security, with a
primary function to monitor and resolve any security incidents that
occur on the Janet network
»Our mission is to create a secure environment to conduct your
online activities. Our primary function is monitor and resolve any
security incidents that occur on the network, with specialists
tracking a range of platforms, including Unix, Linux and Windows
Janet network CSIRT
2/03/2016 Prevent
6. Computer Security Incident ResponseTeam
»We work closely with our community to detect, report and
investigate incidents that pose a threat to the security of our
customers' information systems. We also investigate other forms of
network abuse such as spam and copyright infringement
»Due to the geographical scope of incidents, we assist national and
international law enforcement agencies in their investigations,
connecting them to our trusted contacts within the community
Janet network CSIRT
2/03/2016 Prevent
8. CSIRT - Cost benefits
Costs: time to fix the breach, remove infection from computers, deal with
questions, inform staff and students, time that systems are unavailable to staff and
students, fines and compensation, business loss, reputational damage.
» 12.5% of organisations using Janet avoid having one severe security breach
annually due to the existence of CSIRT;
» Using the figures in the BIS report and working with the Jisc SSU
ȣ22.5 million
2/03/2016 Prevent
BIS report “2015
Information Security
Breaches Survey”
£1.46m
to £3.14m
Average cost to a business
of its worst security
breach of the year.
£75k
to £311k
Large
Small
12. Jisc PREVENT activities
»Working closely with BIS and HomeOffice
»Keeping AoC and UUK informed
»HM Government workshop to raise awareness of Prevent
»Statutory regulation advice and assistance
› Blog posts
› Speak at conferences
› Web filtering
»Working in partnership with the Education andTraining Foundation
2/03/2016 Prevent
13. Prevent
»Home Office Prevent duty event in:
› Birmingham, Oldham, Bristol and Luton
»Safeguarding conference at College development network in:
› Stirling Scotland
»The joint Learning for Higher Education (LFHE) and HEFCE
conference Policy into practice;The Leadership Challenge;
CounterTerrorismAct 2015:
› Bristol and Manchester
Conferences and meetings
2/03/2016 Prevent
14. Prevent
»HEFCE Prevent team with, Head of strategic engagement and Head
of strategic development to join up our approach with HEFCE
»AoC 'Implementing the Prevent Duty' Conference 30 September
»“And more meetings than I care to remember with
› BIS, Home Office, UCISA, HEFCE, AoC, UUK, EducationTraining
Foundation, Learning Foundation for Higher Education…
Conferences and meetings
2/03/2016 Prevent
16. Workshop to raise awareness of Prevent (WRAP)
WRAP is a free specialist workshop, designed by HM Government
to give you:
»An understanding of the Prevent strategy and your role within it
»The ability to use existing expertise and professional judgment to
recognise the vulnerable individuals who may need support
»Local safeguarding and referral mechanisms and people to contact
for further help and advice
»This workshop is an introduction to the Prevent strategy , it does
not cover wider institutional responsibilities under the duty
2/03/2016 Prevent
17. Workshop to Raise Awareness of Prevent (WRAP)
»Facilitated online learning, no travel required
»Delivered by our award winning training team
»Highly participatory sessions
»Share best practice across the sectors and nationwide
»Information and registration at jisc.ac.uk/advice/training
2/03/2016 Prevent
18. Why live online?
»Senior management
»Remote staff
»New starters
»Student council
WRAP delivery is also available from local police and Regional
HE/FE Co-ordinators, who also run train the trainer programme.
Jisc sessions are useful for:
2/03/2016 Prevent
19. Jisc WRAP 3 training update
» Total people who have completed WRAP training with Jisc is now 1464
» Sector breakdown of attendance is:
› 39% HE
› 56% FE and skills
› 5% other (partners/funders/internal)
» As previously noted FE are in general well ahead of HE in terms of staff
training, with programmes already in place, and this is reflected in these
attendance figures
» Jisc are currently offering 4 sessions per week and are experiencing high
demand for courses from all sectors – courses are fully booked for two
weeks in advance of delivery
2/03/2016 Prevent
20. Feedback
“Excellent insight it shows how education is important and how education may
help people find their purpose again.”
“Good session, initially was worried as 2 hours is a long time, relieved it was
engaging and interactive - a good webinar, thank you.”
“Thank you, it has been very informative and has developed a better
understanding for everyday practice in my role as Head of Curriculum.”
“I thoroughly enjoyed the session.”
“Thank you for providing this course it has helped me understand
what to look for and how prevent can help.”
2/03/2016 Prevent
21. Prevent
»Link to Andrew’s blog http://bit.ly/Prevent_andrews_blog
»Prevent duty guidance http://bit.ly/Prevent_duty_guidance
»The statutory instrument bringing it into force is The
Counter-Terrorism and Security Act 2015 Regulations 2015 at
http://bit.ly/Prevent_legislation
If you want to know more
2/03/2016 Prevent
22. The Education andTraining Foundation
»Complying with the Prevent Duty
»Information and resources for:
› Practitioners
› Support staff
› Leaders and managers
› Governors and board members
preventforfeandtraining.org.uk/
Prevent for Further Education andTraining
2/03/2016 Prevent
24. Jisc web filtering - Features
»A cloud based solution with direct connection to Janet at 8Gbps
»Far greater capacity and scalability
»Superior resilience
»Enhanced admin interface experience
»Google SSL search filtering capability
»Mandatory Internet Watch Foundation (IWF) and Unlawful
Extremism content filters
Updated service
2/03/2016 Prevent
25. Jisc web filtering - Features
»User Based Filtering
»Ability to provide different filtering to different users based on AD
memberships
»Easily managed through the enhanced admin interface
»Transparent Proxy
»Removes the need to enter the proxy server into devices on the
network
»Enhances the student and guest experiences by simplifying
connecting their own devices to the internet
»Technical requirement, costs and time frameTBC
Further enhancements
2/03/2016 Prevent
26. Jisc web filtering - Flexibility
A layered approach to filtering that enables you to build a solid
foundation for your policies
Back-stopping your policies
2/03/2016 Prevent
27. Jisc web filtering – Eligibility and pricing
Any organisation with a Janet
connection is eligible to use
the service. If that organisation
has feeder sites which it
provides connectivity to, the
feeder site would need to
purchase its own site license.
Janet connected customers
Fororganisations with connectivity
solutions provided by neither
Janet nor the web filtering service
supplier, providing the organisation
is eligible for JSL Services and no
additional technical intervention
from the supplier is required, then
the service can be used under a
non-JSL site license.
Non-Janet connected customers
2/03/2016 Prevent
28. Jisc web filtering – Eligibility and pricing
Customer pricing
2/03/2016 Prevent
Site type SafetyNet User based filtering
Site with Janet connection <2000 users Included in the Jisc subscription
or central funding for FECs
£499
Site with Janet connection >2000 users £49 + 50p/user
Non-Janet connectivity site <2000 users
£299
£999
Non-Janet connectivity site >2000 users £49 + £1/user
Local authority Bespoke pricing
29. Web filtering and monitoring on line course
»Jisc are currently developing a new facilitated online course
covering network filtering and monitoring
»This will be a multi session online course which will look at the
drivers for filtering and monitoring, the underlying technology,
the tools and services available and the impact of all of these on
an organisation
»The course is expected to be piloted at the end of February
with publicly scheduled courses available to book from
April 1 2016
2/03/2016 Prevent
30. Web filtering and monitoring on line course
»understand their organisation’s requirements for filtering
and monitoring
»articulate their organisations filtering and monitoring aims and
objectives and reflect these through implementation of effective
policy and procedures
»make informed decisions on the purchase and deployment of
infrastructure and services for filtering and/or monitoring
By the end of the course participants will be able to:
2/03/2016 Prevent
31. Web filtering framework
» Jisc has been working to provide aWeb Filtering framework
»The objective of the framework is to enable Jisc to offer a wider
solution pool for a greater proportion of the community to benefit
› saving them the costs of procurement
› yielding individual preferential pricing
› and an aggregated discount
»This will also include institutions that already have solutions
available via the framework, for their ongoing costs
2/03/2016 Prevent
32. Web filtering framework
2/03/2016 Prevent
Activity Date
Notice to European Journal March 2016
Final date for clarifications April 2016
Final date for registration April 2016
Closing date for tenders April 2016
Selection of preferred supplier April/May2016
Contracts placed by April/May2016
[Contract start date/Delivery of
network/ServiceCommencement date]
April/May2016
35. Jisc cyber security services
»Explore the security support available to those connected to the
Janet Network jisc.ac.uk/network/security
»Janet computer security incident response team (CSIRT)
jisc.ac.uk/csirt
»web filtering service jisc.ac.uk/web-filtering
»Mailer Shield jisc.ac.uk/mailer-shield
»educationshared informationsecurity service (ESISS) jisc.ac.uk/esiss
»Email advice and testing jisc.ac.uk/email-advice
»Blacklists and whitelists jisc.ac.uk/blacklists
»Jisc Certificate Service jisc.ac.uk/certificate-service
2/03/2016 Prevent
36. GOV.UK cyber pages
»Keeping the UK Safe in Cyberspace sets out the policy context for
UK cyber; gov.uk/government/policies/cyber-security
»10 Steps to Cyber Security http://bit.ly/Jisc_tensteps
»BIS advice for small businesses http://bit.ly/Jisc_BIS_advice
»Cyber Essentials cyberstreetwise.com/cyberessentials
»Centre for the Protection of National Infrastructure (CPNI)
cpni.gov.uk/advice/cyber
»Cyber Streetwise cyberstreetwise.com
»Get Safe Online getsafeonline
2/03/2016 Prevent
42. “Many educational institutions already use filtering as a means of
restricting access to harmful content, and should consider the use of
filters as part of their overall strategy to prevent people being drawn
into terrorism”
2/03/2016 Prevent: the role of Technology
44. HEFCE Monitoring Framework (para 15)
“The intention of the Prevent duty is to ensure that all specified
authorities assess the level of risk that people within their functional
responsibilities may be drawn into terrorism, and have suitable policies,
procedures or arrangements in place to mitigate those risks”
2/03/2016 Prevent: the role of Technology
45. “Whether and how” to use technology?
2/03/2016 Prevent: the role of Technology
46. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
2/03/2016 Prevent: the role of Technology
47. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
»What guidance do we have on online signs of problems?
2/03/2016 Prevent: the role of Technology
48. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
»What guidance do we have on online signs of problems?
»Where might we detect patterns indicating risk?
2/03/2016 Prevent: the role of Technology
49. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
»What guidance do we have on online signs of problems?
»Where might we detect patterns indicating risk?
»How are users likely to react?
2/03/2016 Prevent: the role of Technology
50. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
»What guidance do we have on online signs of problems?
»Where might we detect patterns indicating risk?
»How are users likely to react?
»How to keep those at risk within our support systems?
2/03/2016 Prevent: the role of Technology
51. “Whether and how” to use technology?
»Is technology more effective to prevent or detect?
»What guidance do we have on online signs of problems?
»Where might we detect patterns indicating risk?
»How are users likely to react?
»How to keep those at risk within our support systems?
»How can we best change minds?
2/03/2016 Prevent: the role of Technology
53. Implementing Prevent
How best to use to comply with the
Prevent Duty
Matt Dean, Technology Policy Manager
2 March 2016
54. • An increased awareness of the targeting of young people in colleges
by a variety of extremist groups – although not confined to colleges,
attempts to ‘radicalise’ young people have increased in recent years.
Colleges are vital parts of the community;
• A shift to making the Prevent Duty a part of the broader ‘safeguarding’
agenda – the language, and policy around, Prevent has developed to
include pastoral care. Safeguarding implies a different way of viewing
radicalisation;
• Prevent is now part of the funding and inspection regime – legal and
funding changes mean that colleges are required to implement the
Prevent Duty. There are differences between what colleges HAVE to do
and what form monitoring might mean.
Context
55. • Legal requirements – The Counter-Terrorism and Security Bill (2015)
places a duty on colleges to, ‘have due regard, in the exercise of its
functions, to the need to prevent people from being drawn into
terrorism’. There are clear legal duties in place;
• Colleges are required to work collaboratively – The Bill does not
discriminate between types of education provider. Colleges have
students of diverse ages, backgrounds undertaking diverse
programmes of study.
• Ofsted will inspect compliance with the statutory Prevent Duty and an
‘inadequate’ would trigger an intervention– Colleges need to provide
training to staff, to have named individuals with clear responsibilities
and be able to evidence compliance. Be clear on the differences
between legal requirements and developing appropriate ways of
working.
Policy agenda
56. • Two conferences to date – AoC will continue to run conferences,
seminars and regional events as the programme develops. Providing
the space for colleges to discuss how they implement the Duty is
vital.
• Resources – The AoC website (aoc.co.uk) has numerous, free to
access, resources on policy analysis, case studies, blog posts and
news items. Stay informed about legal and policy changes and about
how colleges might inform the debate.
• AoC work as a single point of contact – AoC coordinates activity
among all government departments and agencies and has a Policy
team that works to see that a coherent and rational approach is
adopted by them and by colleges. If you have questions, AoC is best
placed to help.
AoC and the Prevent Duty
Editor's Notes
About Janet CSIRT
Our mission is to create a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the network, with specialists tracking a range of platforms, including Unix, Linux and Windows.
We work closely with our community to detect, report and investigate incidents that pose a threat to the security of our customers' information systems. We also investigate other forms of network abuse such as spam and copyright infringement.
Due to the geographical scope of incidents, we assist national and international law enforcement agencies in their investigations, connecting them to our trusted contacts within the community.
Information security threats are not limited to particular networks or national boundaries, and we work with other CSIRTs across the UK, Europe and the rest of the world to manage and resolve incidents. We have built strong relationships with other security researchers and sources of security reports to ensure we provide you with a fast and effective response.
162 HEIs in the UK 300 FES organisations
The sessions have also been attended by representatives from BIS and were also reviewed by Matthew Batton from The Home Office. The Home Office liked our approach to facilitated online learning and has since asked us to feature our online WRAP sessions in the forthcoming Prevent Training Catalog. Feedback from sessions has been very positive and there is high demand for courses, from all sectors and a varied audience including tutors, student welfare officers, College principles and members of safeguarding teams.
At it’s most basic level, the system’s only filtering is based on the IWF and Unlawful Extremism content list.
I.E. it is only restricting access to illegal content – the rest of the web is open.
Using any more of the capabilities of the system is up to you.
If you want to filter Gambling sites you can, if you want to leave them open, you can, if you want to leave particular sites open but not others, you can, the choice is yours.
A big consideration with filtering is the administration overhead; the simpler the approach the easier it is and less time consuming to administrate.
Usage is subject to fair usage.
A sustained period of 4 months excessive usage could result in a levy to upgrade the service infrastructure in order to maintain the service.
Any intended levy would be subject to 6 months notice.
Usage is subject to fair usage.
A sustained period of 4 months excessive usage could result in a levy to upgrade the service infrastructure in order to maintain the service.
Any intended levy would be subject to 6 months notice.
Janet computer security incident response team (CSIRT)
Safeguarding organisations current and future computer security, with a primary function to monitor and resolve any security incidents that occur on the Janet network.
web filtering service
Allows organisations manage access to websites in accordance with their local policy using configurable lists of blocked or permitted web addresses.
Mailer Shield
The service helps manage organisations mail facilities, offering additional security by identifying the source of a message and indicating whether it is listed in any blacklists.education shared information security service (ESISS)
Helping organisations to reduce the risk of information security breaches and reduce the costs of prevention, management, remediation and audit activities.
Email advice and testing
STAN - the spam-relay tester and notification system. This service will test organisations mail server and report unauthorised relays.
Blacklists and whitelists
Access Jisc copies of several leading DNS blacklists and whitelists
Blacklists will enable you to block 'unwanted' email, while at the other end of the spectrum, whitelists will allow 'wanted' email to get through to end users.
Here’s the Home Office guidance for E&W HE – others are similar
Here’s the bit about ICT
The rest is policies and processes to identify people at risk of radicalisation and to help them avoid that risk
And, actually, this is the bit about technology
The other two paragraphs are also IT policy – on acceptable use and arrangements for legitimate research
And here’s what that says: institutions that already use filtering for other things should *consider* using it for Prevent too
But why only “consider”? Surely if you’re already using filtering then it’s a no-brainer to tick the “extremism” box?
Well maybe. Remember the objective is to help people at risk of radicalisation. That’s people who are already feeling – whether from news, chats, or their own experience - that an injustice is being done to “us” and “they” aren’t doing anything about it.
And how is someone like that going to react if their attempts to find out more produce…
Some students might go back to their studies
But I suspect others will go and do the same research on other networks, or through VPNs.
So we lose any chance of noticing their online activities and bringing them in to those other policies and processes
Whereas what we’re supposed to be doing is…
Here’s what we’re trying to do…
Mitigate risks…
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)
HEFCE’s Advice Note (again, with one tech bullet to four policy ones) asks “whether and how” to use tech to do that
Where might we pick up indications that someone is at risk? (Remembering that these are likely to be patterns of behaviour, not single acts)
What guidance do we have on online signs to look out for? Are they suitable for use by humans or machines?
How are users likely to react? (Remembering how easy technology makes it to hide, and that this will depend on what they are used to, hence the HO “Sites that already use…”)
How can we keep those at risk within our support systems? (Remember “filtering as part of…”)