Higher education is struggling to defend itself against an onslaught of cybersecurity threats. As technology continues to transform many aspects of education, colleges and universities are faced with producing, storing and securing a wealth of data about their students, faculty and staff.
Where there's private data, hackers are sure to follow. And the higher education space has become a more attractive target for data breach. Colleges, universities and research institutions have historically strived for the open flow of ideas and free information exchange. But many of the strengths and unique aspects of a university IT network also tend to open up the greatest risks.
The risk is considerable
Consider that most higher-ed institutions encompass all industry security challenges under the same network umbrella. They maintain student, parent, alumni and personnel databases. They also manage financial information, private health records and process retail transactions, making them subject to a host of compliance regulations and mandates, including HIPAA, FERPA and PCI DSS.
Many universities host cutting edge research and development departments that work with patent- and trade-secret related data. And then there's the proliferation of Bring Your Own Devices and the elements of the digital classroom—from eBooks, to smartboards, to iPads to online learning—all clamoring for network access. It's enough to make the Chief Information Security Officer (CISO), Chief Information Officer (CIO) or whoever is responsible for IT security want to skip class.
Size may provide security advantages in terms of budget and resources, but that doesn't necessarily insulate organizations from the threat of compromise. Many of the largest institutions have a permanent security staff, a security advisory board and a CISO at the helm.
But even the biggest schools can easily become infiltrated with malware and be compromised. A listing of breached higher education institutions from PrivacyRights.org reveals that malware does not discriminate between large and small schools, flagship state universities and elite Ivy League colleges.
As schools continue to offer more e-learning and digital classroom formats, they will need strong governance and security policies and controls to:
- Verify students' identities
- Ensure the security of e-learning initiatives
- Determine the ownership of intellectual property and course materials
- Prevent grade tampering
As the digital classroom replaces traditional learning formats, students will bring their own devices to class and the university network must be ready to accommodate this influx safely and securely.
Institutes of higher learning can and should devise strategies for more secure network operations, but the larger question remains—how can colleges and universities prepare to deal with cybersecurity threats every minute of every day?
Dealing with cybersecurity threats 24/7
An incident response plan and a strategy for assessing and addressing risk and compliance are steps in the right direction. There are three additional components to consider for strengthening your security posture:
Higher education institutions can benefit greatly from expert testing to find and assess security vulnerabilities and risk.
Whether it's new paperless platforms, new technologies for location intelligence and adaptive learning, or new applications to support digital classrooms, you need to know where data is at risk. By conducting real-world security testing on applications, networks, and even your employees, you'll be armed with new ways to strengthen the university's security posture against cyber threats.
Targeted Threat Hunting
In addition to technical testing, many higher education institutions also benefit from a form of proactive incident response called targeted threat hunting. Whether you know you've beencompromised, or you want to validate the current security posture, targeted threat hunting produces valuable, actionable insight into the presence of threats and deficiencies in the university's security stack.
For many institutes of higher education, security has become a continuous, multi-layered effort to prevent threats while minimizing the duration and impact of stealthy attacks that caneventually bypass strong defenses. Targeted threat hunting is a proactive way to not only find indications of compromise (IoCs), but also provide useful analysis of a breach to help prevent similar intrusions moving forward.
While an emphasis on proactive testing and incident response can bolster security for colleges and universities, people remain both the strongest and weakest link in a university's security posture. As such, it is critical to hire and retain top security talent.
Implementing a comprehensive security awareness program across the broader employee, faculty and student user base will also work to reduce risk from bad actors across a vital, open campus network.
Higher Education has a fighting chance
Operating under a constant threat of cyberattacks is the new normal for higher education institutions today. However, higher education has a fighting chance to strengthen defenses, perform proactive testing and threat hunting, and ramp up preventive user awareness to make it harder for malware and bad actors to infiltrate the campus IT environment.
Cybersecurity defense is no longer the endgame for higher education. The institution's cybersecurity team must have the expertise and capabilities to handle an ongoing cycle of recurring engagement. Schools should consider "when, not if" a security compromise will occur. They prevent where possible, detect what they can't prevent, respond quickly—and with valuable threat insights—try to predict and prevent the next threat.