search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
VIEWS & OPINION


Universities take 207 days to detect a data breach


Comment by SAM MANJARRES, Senior Product marketing manager, identity security WatchGuard


After many interesting


discussions with education sector players at the recent BETT exhibition, what steps can hybrid educational establishments take to protect themselves from cybercrime? Although


cyberattacks on higher education institutions date back years, there has been a spike in


university cyberattacks in the last two years. Cybercriminals took advantage of the rapid transition to hybrid learning that higher education institutions were forced to implement before they had time to strengthen their cybersecurity, which left most of them exposed. This is yet another example of accelerated adoption of new technologies without ensuring robust security measures are in place.


In 2022, there were 497 reported incidents in the education sector, out of which 238 resulted in a confirmed data breach, with external threats accounting for 72% of these breaches, according to a Verizon survey. Over the last year, data security breaches rose by 30% compared to the previous year. Another interesting finding from this report is that 34% of the errors in higher education resulted from an email sent to the wrong person or with the wrong attachment.


And while the National Cyber Security Centre (NCSC) first issued an alert to British schools about ransomware attacks back in September 2020, warning of “an increased number of ransomware attacks affecting education establishments in the U.K., including schools, colleges, and universities,” a recent survey from the NCSC and the National Grid for Learning (LGfL), suggests more than three-quarters (78%) of UK schools have experienced at least one type of cyber-incident in recent years.


The cost of a data breach in universities The average cost of a data breach at a higher education institution is around US$3.86 million, as revealed in IBM’s “Cost of a data breach” report. Universities can take around 207 days to detect they are experiencing a breach -- and a further 70 days to contain the breach.


The longer it takes to detect the attack, the higher the cost of the incident.


The main attack vectors hackers use to access higher education institution networks are as follows: • Compromised credentials • Phishing


July/August 2023


• Cloud misconfiguration • Vulnerabilities in third-party software


How to protect hybrid education institutions from cyberattacks


In the post-pandemic era, it is essential that educational institutions, especially universities, continue the digital transformation. But, to do it right and avoid cybersecurity threats, institutions must put students and faculty, i.e., users, at the centre of the process. So, if they are aiming to provide secure hybrid education, they need to take the following steps:


• Have network visibility: Universities need to have visibility across their networks so that they can detect and block potential intrusions in the traffic. Using technologies such as firewalls, data loss prevention solutions, and domain name system (DNS) filtering can help.


• Assess system vulnerabilities: Identifying weaknesses in the network is of utmost importance when it comes to containing cybercriminals who seek to exploit potential security holes. This will enable institutions to deploy patches where necessary.


• Use software-defined wide area network (SD-WAN): This virtual WAN architecture enables universities to reduce the risk of outages and data loss by using a centralised control function to route traffic securely and intelligently across the WAN and directly to applications. This also enables them to connect legacy hardware and software to SD-WAN networks and dynamically optimise network traffic as needed, reducing latency.


• Protect student, academic, and administrative staff identities: Establishing user access control to applications and data, deploying multi-factor authentication (MFA) to secure credentials and enforcing password management policies, ensures a secure digital experience for users.


• Provide secure Wi-Fi on campus: To circumvent known and unknown threats, universities must deploy Wi-Fi networks that provide automatic protection, facilitate integrated security through centralised management, and provide full visibility into wireless ecosystems.


The evolution of higher education will continue to impact the educational experience and quality offered to students and faculty.


The eBook “Cybersecurity in Higher Education: Enabling Secure Hybrid Learning”* outlines the most common security incidents and vulnerabilities affecting universities and describes how these events influence their IT priorities. It is possible to safeguard the mission of educational institutions if they are aware that modern technologies can protect their cyberspace -- and thus create a secure digital ecosystem for users.


*https://www.watchguard.com/wgrd-resource-center/ebook/ enabling-secure-learning-higher-ed


www.education-today.co.uk 31


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44