Cybersecurity in Education and Research Institutions
With government and healthcare data breaches frequently making headlines, far less attention is being paid to an industry that is incessantly under attack by cybercriminals and hackers: Education and Research.
From phishing scams and ransomware to denial-of-service attacks, cybersecurity threats are a common business risk to schools, colleges, universities, and research institutions. The education and research industry are a lucrative target for cybercriminals for two main reasons.
Just as the financial and healthcare sectors, higher education and research institutions store sheer volumes of potentially valuable information, including personal, financial, research, and intellectual data. Secondly, these institutes employ open networks and allow federated access to enable greater collaboration. This makes them a fertile ground for malicious actors.
What Surveys Say?
- Among all industries, the education sector ranked as the least secur
- 87% of educational establishments have experienced at least one attack
- 70% of incidents in education in 2019 were ransomware attacks
- 60% of US ransomware attacks between August and September 2020 involved K-12 schools, a 29% jump from the months prior
- 25% of schools suffered a data breach in 2019, 61% of those were phishing
- Over 50% of the education sector cyber incidents were ‘denial of service’ attacks
- Schools are the second most lucrative target for ransomware
- 55% of school data breaches compromised personal data
- 53% of school data breaches amounted to credential abuse, which allowed access to a school’s network systems and applications
- 35% of school data breaches resulted in data espionage
- 1 in 3 universities witness cyberattacks every hour
- 43% of universities have had exam results infiltrated
- 82% of schools noted data loss as the biggest concern with cybercrime, followed by remediation costs (47%) and reputational damage (37%)
It’s Time to Act!
With the increasing adoption of Cloud, AI, AR and VR as learning and research tools, cybersecurity has become a complex challenge, which when ignored invites grave repercussions. Moreover, the present-day cybercriminals are fully equipped with an arsenal of sophisticated tools, making it overwhelmingly complex for education institutes to safeguard data and systems.
Making things worse are the lack of IT expertise, decentralized security policies, and budget constraints. Against this backdrop, the stakes of the academic and research institutions are at a higher risk. It is pertinent that these institutions consider cybersecurity as a severe enterprise risk.
It’s high time that the college and university chief information security officers (CISOs) and their security teams develop and maintain a sound cyber risk and governance regime.
Here are some recommendations for education and research institutes to better prepare for, and respond to, evolving cyberattacks:
- Prepare for inevitable cyberattacks by creating incident response plans
- Budget for cybersecurity by exploring resources like cyber insurance
- Educate students, faculty, and researchers and instill security guidelines for device usage, passwords, internet connectivity, and video conferencing
- Test and secure critical systems, especially those used across multiple institutions, to prevent cascade effect
- Leverage Cloud to securely store and backup files
- Stay abreast of the latest cybersecurity innovations, trends, and attack vectors
As digital transformation continues to disrupt the education and research industry, new threats will emerge, known threats will take new forms, and vulnerabilities will inevitably unfold. The education institutes must realize that they are at continuous threat.
By partnering with cybersecurity service providers like StealthLabs, institutions can be better prepared. Together, one can prevent and mitigate risks or respond more effectively when incidents arise.
StealthLabs Can Help!
On the backdrop of extensive security capabilities and a decade-long industry presence, StealthLabs can help schools, higher education, universities, and research institutions become more resilient, secure, and compliant in an ever-changing threat landscape.
The StealthLabs portfolio includes a full suite of security offerings, ranging from security posture assessment, information security compliance and identity management to incident response services.