27/11/2018
Cyber Security Challenges Facing Higher Education
Information security is quickly becoming the number one issue for IT leaders in higher education. As college campuses continue to adopt new technological systems, they are faced with the challenge of keeping institutional resources, data, and users' data safe. Confronted with evolving technologies, institutions of higher learning are having the balance best business practices with user expectations to ensure that their systems, information, and users are safe from malicious attacks.
Why Target Education?
The education industry (which includes public and private schools from kindergarten to universities) is increasingly under attack from cybercriminals. This includes not only identity theft or money transfer fraud, but also ransomware—the holding hostage of computers or networks for a fee.
How Is the Education Industry Targeted?
As with most industries, the main tool in phishing is email. A recent wave of attacks specifically targeted education: Thieves send an email request posing as a principal or other official asking for W-2 records to be forwarded to them.
Below are some major challenges facing institutions of higher learning when it comes to cyber security.
Phishing
This is an attempt to obtain sensitive information such as usernames, passwords, or other personal info for malicious reasons. This is done by attackers posing as a trustworthy source through electronic communication such as email. Phishing emails may contain links to websites that are infected with malware aimed at gaining access to personal information. Student emails will often be targeted as the attacker poses as a trusted entity affiliated with the university.
User Education
Cybersecurity awareness often takes a backseat to the busy lives of students and faculty at an institution of higher education. As attackers become more sophisticated it is often difficult for IT leaders to properly educated students and faculty on what to look for when it comes to a cyber attack.
Next-generation Security Technology
With limited resources and the necessity for large scale adoption, it is difficult for universities to implement the newest tools for information security. Attackers are continuing to find different ways into university systems, and new tools are continuing to pop up to combat that. However, it is difficult for universities to catch up with the tools that that cybersecurity industry creates.
Identity and Access Management
Universities deal with the challenge of implementing systems that control who can access the different networks provided for faculty and students. With large networks and thousands of people needing access at any one time, universities can struggle to limit access to those who are allowed on the network and keep attackers out.
Unsecure Personal Devices
Personal devices represent a sizeable threat to IT security at institutions of higher learning. With faculty members and students bringing so many devices on campus and attempting to connect to the network, it is difficult for IT staff to determine whether or not those devices are safe and secure before allowing them on to a university network.
Educate Your Educators
Alwetend Technikons have developed a special program to help keep educational institutions safe from phishing attacks. It’s called SecurityIQ and consists of two intertwined components: training and real-world simulation.
The first component should be no stranger to anyone in education: it’s called User Awareness and is a series of customizable courses about phishing and how to detect and prevent them from breaching your systems.
There are individual modules that contain informative videos as well as short quizzes. Topics include password safety as well as introductions to malware and phishing. You can also create your own courses and modules that integrate seamlessly with Safe & Secure Practice.
Looking for Security Awareness Training? Reach us by email [email protected]
