Data breaches have become an unfortunate part of life, and cybersecurity is now more important than ever. Many universities are struggling to adapt to managing data sprawl, cloud services, and a variety of digital payment methods. As things only become more complex, we’ve gathered a list of five cybersecurity facts that we are constantly talking to our higher education clients about.
1. Staff & Students Are At Risk When Successful Hackers Leak Sensitive Information
After firewall vendor Accellion noted vulnerabilities in one of its network equipment offerings, numerous higher education institutions were breached and extorted by the ransomware group Clop. As a result, universities saw social security numbers and other sensitive student information leaked. Some schools also received ransom demands to prevent the release of additional data. These colleges are left facing the headlines, defending their reputations, and cleaning up the mess. Cybersecurity must be constantly reviewed to prevent these risks.
2. The Pandemic Bolstered the Importance (and Difficulty) of Security Measures
According to the EDUCAUSE COVID-19 QuickPoll, which looked at 15 key information security tasks, over 40% of those surveyed said that 4 tasks, in particular, have become increasingly important since the pandemic:
- Awareness training, outreach, and communication around security
- Email filtering to combat spam and phishing
- Data loss prevention measures, like scanning user devices for PII
- Vulnerability scanning of user devices
Respondents also noted that keeping information secure has become more difficult, reporting that nine of the fifteen tasks were at least a little more difficult. Those surveyed said that special projects or initiatives, data loss prevention, vulnerability scanning, monitoring privacy, and policy enforcement had become difficult or very difficult indeed. Add remote workers to the mix, and you have a concoction of IT network trouble to manage.
3. The Number of Cyber Attacks on Higher Education Has Grown Faster Than Any Other Sector
A Checkpoint report highlighted the fact that higher education experienced a 30% increase in attacks in July and August last year — a number that dwarfs the 6.5% increase noted across all industries during that same period. Microsoft Security Intelligence backed these findings, pointing out that in a 30-day period, 62.8% of nearly 9.4 million malware incidents occurred in the education sector. It’s easy to pin the blame on the move to remote learning, but the truth is that the transition has only exacerbated problems and vulnerabilities that existed before the pandemic. Legacy technologies and a slow move towards evolving technologies in higher ed hasn’t helped.
Higher education has also seen a sharp uptick in ransomware attacks during the pandemic — a problem that can at least be partially attributed to the sheer amount of personal information stored at these institutions. As schools moved to enable students and staff to access networks and information remotely, the vulnerabilities increased drastically as bad actors were able to more easily breach these networks.
4. Higher Education Sometimes Lacks…Education (Around Cybersecurity Best Practices)
Proper training of students, staff, and anyone else that accesses school networks is an essential component of holistic cybersecurity measures. Yet, many staff and students are painfully unaware of basic security best practices. A survey from EdTech reveals that almost one-third of breaches can be traced back to “unintentional disclosures.” These can happen when students misuse social media, fall prey to phishing email scams, or introduce vulnerabilities via their own unsecured devices and applications. With so many students and visitors bringing their own devices to shared wifi networks across campuses, it is increasingly difficult to provide security education and protect IT networks.
5. Proactive Cybersecurity Measures Can Keep Threats at Bay
Many colleges and universities operate on a reactive approach toward cybersecurity. Taking a more proactive approach can help higher education institutions identify threats and vulnerabilities before they become a serious breach or issue. This requires a strategic approach that keeps all departments in the loop, training on best practices, and utilizing the best security tools. This is a tall order for large sprawling campuses that encompass numerous departments and network environments.
Arrow Payments has helped colleges and universities of all shapes and sizes enhance their departments’ operations and secure their campuses. By applying our focus on PCI compliance and payments security to complex merchant environments, our deep experience in cybersecurity best practices naturally applies to help keep all aspects of universities (and their people) secure. Contact Arrow Payments to discuss your school’s situation today.