VIEWS & OPINION
How academic institutions can protect themselves against rising cyberattacks Comment by DAVID CUMMINS, VP of EMEA, Tenable
Over the last two academic years, video conferencing applications, e- learning, and cloud-based software have supported the continuation of core curriculums and examinations. However, this shift has resulted in an expanded cyberattack surface that has made schools more susceptible to cyber threats as we enter a new academic year. A study conducted by Forrester Consulting, on behalf of Tenable,
found only 48% of organisations in the UK claimed to be adequately prepared to support hybrid working models* from a security standpoint. Now, as school terms get underway and higher education functions welcome back students, the National Cyber Security Centre (NCSC) has announced an investigation into the drastic increase in ransomware attacks facing the sector. For academic institutions opening their doors, this is a worrying trend.
Institutions cannot afford to pay ransoms. It is not just ill-advised but also unfeasible given the lack of resources and potential penalties imposed by regulators should private data be compromised. Fortunately, there are simple lessons education settings can take to improve security efforts and help ensure networks are protected in advance:
Lesson One: Identify and address vulnerabilities — The vast majority of data breaches today are not the result of new attack types, nor are they particularly complex. In fact, the majority are threat actors that exploit a known and unpatched vulnerability in a software application or computing hardware. By identifying and patching common vulnerabilities, academic institutions can close the door most threats climb through.
Lesson Two: Multi-factor authentication — Knowing that the person accessing systems is authorised to do so can be a challenge, particularly if a username and password is only required to access remote learning tools. To verify that the correct people are logging in, the adoption of multi-factor authentication solutions are essential that utilise another form of identification, such as a one-time passcode or a fingerprint/iris scanner.
Lesson Three: Enhancing limited resources and support — The NCSC has recently announced its commitment to support education settings, verifying that it plans to tackle cybersecurity threats due to the lack of funds to guard against, or recover from, attacks. Included in its published resources are guidance to help IT teams prioritise those software vulnerabilities that are being targeted by threat actors, alongside recommendations for organisations to adopt a risk-based vulnerability management approach before ransomware hits their systems. This targets the specific threats that pose a real risk to institutions while reducing time wasted on manually prioritising threats.
Lesson Four: Take a holistic approach — Since the pandemic hit, organisations have had to allow large volumes of unknown devices to connect to their networks. For most academic institutions and security teams, understanding and mapping the vast array of assets can be incredibly complex. Discovering and managing unknown assets can be even harder, and almost impossible without the use of tools. Security awareness training can be useful to help students and staff members know how to avoid making costly, yet easily avoidable mistakes. By anticipating bad actors, implementing new changes, and prioritising these simple lessons, educational institutions can tackle the new attack landscape. At a time when schools are particularly reliant on technology, this ensures they can keep the trust of students, parents and teachers while providing a richer education to future generations with confidence.
*
https://www.tenable.com/analyst-research/forrester-cyber-risk-report-2021 24
www.education-today.co.uk October 2021
We must do more to close the attainment gap between black and white students
Comment by ORIEL OCTAVE, Head of Education at NOSCE Education
Earlier this month, a letter detailing the need for educational programmes and funding designed to specifically help Black students was sent to the former Education Secretary, Gavin Williamson. The contents of this, which was later recovered by the Independent, show Diane Abbott and Lord Simon Woolley appealing for Williamson and his cabinet to make provisions to boost attainment in Black school students. This follows new Government data which shows an ever- widening education gap between Black and White students in UK schools. According to this report, there has been a “significant widening”
of “longstanding” gaps that result in lower outcomes for Black students in comparison with White students. This widening took place between 2019 and 2021 and is largely attributed to measures to stem to Covid-19 pandemic. These saw school closures, remote learning, and exam cancellations wreak havoc on school students across the board, many of whom had to use predicted grades and mock examinations to assimilate their final GCSE and A-level grades. According to the report, specific ethnic and socio-economic groups
have borne the brunt of the effects of these measures, with Black school students suffering the most; the gap between White and Black student’s grades has grown by almost 1.5% during the period, adding to an already-present attainment gap between the two groups. This year, the Government pledged a £1 million cash injection for
the education sector, which would be used to help Roma, Gypsy and Traveller children achieve higher pass and excellency rates. In light of this, figures like Abbott and Woolley have set forth to appeal for the same measures to be made available to Black children -- both in an essential and Further Education context. In light of the recent cabinet reshuffle, which saw the Williamson
replaced by Nadhim Zahawi as the new Secretary for Education -- what more can be done as we move forward out of the pandemic, to not only to prevent race-based education gaps from widening further but ultimately to close these gaps and promote equal opportunities and outcomes across to sector? “Collective efficacy” is a concept which has been adopted by
policymakers and researchers within the US Education sector, in order to tackle similar, long-standing racial achievement gaps. The phrase, in this context, translates to teachers believing they actually have the power to make a difference in what their students can achieve. One study in Texas found that schools in which teachers showed
high levels of collective efficacy had a 50 percent reduction in the academic disadvantage experienced by Black students, compared to schools where teachers had average levels. The switch to remote teaching in Britain since national lockdowns
has undoubtedly made collective efficacy in teaching workforces lower; many reported feeling powerless when trying to improve the learning of students who needed extra or specialist support, and increases in absenteeism across the board also added to this issue. Policymakers must work to ensure schools and their staff feel
empowered. This could be achieved through several methods; whether it’s greater financial support for teachers, access to a wider range of teaching resources, specialist training for teachers, greater access to education technology proven to assist with engagement, and initiatives designed to give students equal access to extracurricular learning if they need one-on-one and/or specialist tutoring.
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48
