AISNSW recently presented a webinar on the topic of a school that had been defrauded due to a trojan on their server which amended the payee details within an online banking batch. The school lost $15,000 and this was the second time this had happened – they weren’t even aware of the initial incursion. This type of fraud could happen to any school and as even the smallest school is a multi-million dollar enterprise nowadays, they are seen as easy targets and worth a fraudster’s efforts. We considered this so important that we needed to bring this to the attention of all schools across Australia urgently.
 
We invited subject matter experts from Malwarebytes to analyse how the incident occurred, and to provide strategies on how you can protect your school’s systems. We invited Mimecast who provide email filtering to advise how that product limits or eliminates the emails which have these fraudulent payloads attached. We invited AON’s cyber expert to explain cyber insurance cover as well as how AON’s resources could assist both before and after a cyber event. EFTSure provided a summary of how their product overlays your school’s online banking platform and can provide a last line of defence as it seeks to externally confirm the bank account details of your payees, before you press the PAY button. Lastly, we invited NAB’s cyber team to present. NAB are keen to ensure their clients do not lose money and also have a wealth of resources to assist schools. Our thanks go out to all of those presenters who provided such informative advice.
 
This was not so much a tech webinar as a business problem webinar as we sought to explain that the problem spans the finance and IT realms. Business managers are the ultimate custodians of the school’s financial assets and the responsibly to ensure finance systems are secure and protected against cyber-attacks is getting more challenging every year as cyber-attacks become more frequent and more sophisticated. However, it can’t be done in isolation. Finance leaders must be proactive and must include the school’s IT staff to advise and assist in system defence. This is now more important than ever.
 
This webinar took place on Friday 19th June at 10 – 11am and was facilitated by David Buley (CFO) and Maurice Cummins (CTO), AISNSW.