CyberSecurity SEE

75% of education sector attacks connected to compromised accounts

A recent report by Netwrix has revealed that a staggering 69% of organizations in the education sector have experienced a cyberattack in the past year. These attacks pose a significant threat to the education sector, with phishing and compromised user accounts being the most common attack vectors.

The study found that phishing and user account compromise were the primary methods used by cybercriminals to target educational institutions. In comparison, other verticals saw phishing and malware, such as ransomware, as the leading attack paths. Furthermore, the report highlighted that a disturbing 75% of cyberattacks in the education sector were associated with a compromised user or admin account located on-premises. This figure is significantly higher than the 48% observed in other sectors.

Security professionals acknowledge the impossibility of achieving full cybersecurity, which suggests that the remaining 32% of organizations either had a stroke of luck or have not yet discovered a cyber incident within their networks.

While some cyberattacks have dire consequences and can even force organizations out of business, most institutions have managed to survive these incidents. However, the financial implications of these attacks can still be quite substantial. In fact, the report revealed that 16% of organizations estimated their financial damage from cyberthreats to be at least $50,000.

In response to these growing cyber threats, an increasing number of organizations in the education sector have opted to purchase cyber insurance policies. Currently, 59% of organizations in the sector have a cyber insurance policy in place or plan to acquire one within the next year. Of those organizations already covered by cyber insurance, 28% have modified their security approach to reduce their premiums. Additionally, 22% have had to improve their security posture to become eligible for the policy.

When it comes to building an effective security architecture, it is essential for organizations to identify the potential threats they face. The report found that IT professionals in the education sector are almost equally concerned about both internal employees and external adversaries. This concern is valid given that 43% of respondents identified employee mistakes or negligence as the main challenge to data security. Therefore, addressing the internal threat is a top priority.

Regardless of their size, organizations in the education sector share three primary IT priorities: data security, network security, and cybersecurity awareness among employees. These priorities are crucial for safeguarding sensitive information and ensuring that employees remain vigilant against potential cyber threats.

Dmitry Sotnikov, VP of Product Management at Netwrix, explained the unique challenges faced by educational institutions. These organizations handle a variety of accounts belonging to staff, contractors, educators, students, and alumni, many of which have a high turnover rate. Managing security best practices for such a diverse user base is challenging, especially considering the constant influx of newcomers. Sotnikov emphasized the need for mandatory security training within the first few weeks of joining an organization and reiterated the importance of regular training sessions.

Dirk Schrader, VP of Security Research at Netwrix, highlighted another vulnerability within the education sector. To facilitate research and collaboration, educational institutions often provide a multitude of shared devices and systems that are exposed to the internet. This creates a massive attack surface for cybercriminals. Schrader advised implementing strong password policies, multifactor authentication (MFA), and following the principle of least privilege to mitigate the risk. He also emphasized the importance of automated detection and response solutions to effectively address account compromise and abuse.

In conclusion, the education sector continues to be a prime target for cyberattacks, with phishing and compromised user accounts posing significant threats. Cyber insurance policies are becoming increasingly popular among organizations in the sector, and IT professionals are almost equally concerned about internal and external threats. To mitigate these risks, educational institutions must prioritize data security, network security, and employee cybersecurity awareness. Implementing strong password policies, MFA, and automated detection and response solutions is crucial to enhancing security within the education sector.
