The world is experiencing one of the most turbulent cyber environments in recent memory, with 41.9 million records being breached in March alone, bringing the running total of the year so far to over 300 million pieces of compromised personal data.
The education sector has become a major target for cybercriminals due to the vast volumes of data stored by schools and universities. Consistent attention to compliance and cybersecurity is not at the forefront of the sector’s agendas, with limited resources allocated towards creating resilient cyber defence strategies.
This lack of preparedness has resulted in numerous cyberattacks, where according to a national Cyber Security Breaches Survey, 62% of higher education institutions reported experiencing breaches or attacks at least weekly. It was also exposed that out of all education institutions surveyed, they were the most likely to report breaches or attacks.
Improving IT operational efficiency
As the volume and sophistication of threats continue to increase, universities and schools must evaluate their IT systems and cyber policies to create a resilient cyber posture that can effectively respond to and mitigate inbound threats.
One of the biggest challenges facing education institutions is maintaining visibility over their IT systems and endpoint devices.
Many institutions struggle with the ability to track, locate, and freeze devices or recover missing ones. This is particularly challenging when there are multiple software programmes involved, which can increase the threat surface level. Additionally, deleting sensitive data from unrecoverable devices can prove to be a challenging task.
Without proper visibility, devices are susceptible to threat actors breaching data and applications and moving laterally across the network to spread the breach. Threat types against the education sector do not differ significantly from other vertical industries, with the majority of cyberattacks taking the form of data harvesting through social engineering, phishing campaigns, and malware attacks.
Universities and educational institutions must make sure that the fundamental technological solutions are not only implemented, but also successfully resistant to cyberattacks. This entails patching operating systems, applications, and firmware promptly as manufacturer updates are made available; sustaining anti-virus and anti-malware systems with the most recent signatures; running routine scans; and putting in place application and remote access controls to restrict system access to only those applications that have been verified as compliant with the established security policy.
Institutions should also seek a single cloud-based console that can activate remotely and begin identifying and solving security issues quickly. This console should streamline the process of managing multiple software programs and allow for efficient tracking, location, and recovery of devices.
One of the worst ways to let malicious threat actors into a network is by using outdated, inefficient software that lacks the fundamental security features to safeguard devices and data.
Perpetual endpoint visibility
Maintaining vigilance over the increased threat surface is more crucial than ever given the nature of the education sector, where electronic devices are dispersed, due to the rise in remote learning and working spurred by the pandemic.
Universities and educational institutions should establish a durable Zero Trust architecture permitting centralised IT teams to monitor devices and detect suspicious activities, including devices logging in from an uncharacteristic area. Moreover, the ability to remotely freeze or switch off infected devices and applications can limit the spread of breaches should they occur as well as stop any further possible inbound threats.
Technology must be backed up by robust cyber regulations in order to keep sensitive data and their clients safe. Education institutions should therefore equip staff and students with the necessary training to reduce risk on a human level. The level of threat the organisation faces can be quickly decreased by implementing such cyber awareness training to spot certain threat types, such as spear-phishing attacks. Equally, circumstances like rapidly reporting stolen devices can help a great deal in preventing dangers by enabling IT professionals to remotely disconnect the item from a network.
As universities are ultimately responsible for data breaches, if they do not report stolen devices within 72 hours, they could successively face hefty fines.
Maintaining best practices
In addition to establishing frequent security monitoring, testing, and risk assessments to make sure systems and human responses are operating as they should, setting forth clear cyber policies should also be a component of this training. The organisation can adopt practices and reduce risk by adhering to cyber guidelines and establishing a strong security culture, which could be met by erasing student data six years after a student has left the university, in accordance with Jisc guidelines.
Therefore, a multi-pronged strategy involving technology, people and policies, all of that collaborate together to establish a robust cyber posture, is the foundation of an effective cyber strategy for the education sector, as well as numerous other industries. It is increasingly imperative that companies make sure they have such safeguards in place for the next attack amid the recent series of high-profile attacks on the education sector.
