A new 2020 Cyber Threats Report from Netwrix found that 92% of educational organizations consider improper sharing of sensitive records a top security threat. It also found that the most common threat patterns in the education sector were driven by the human factor.
Since the transition to remote learning, educational institutions have become increasingly concerned about IT risks. 33% of them say they are more vulnerable to cyber threats than they were pre-pandemic, which is higher than any other vertical analyzed. 89% of them admit to having new education cybersecurity gaps caused by the rapid transition to remote education — again the highest finding among all industries.
41% of respondents also reported that they had improper data sharing incidents in the first few months of the pandemic, making it one of the most common threat scenarios experienced. Other types of incidents reported included phishing (50%) and administrator mistakes (31%).
Other findings discovered by the survey include:
- 78% of the educational institutions that feel they are at greater risk now than before the pandemic are concerned that users may ignore security guidelines.
- Concern about malicious actions by rogue admins dropped from 92% to 9%. Indeed, only 12% had such incidents, but they had the longest dwell time: 43% of respondents needed weeks or months to detect the issue.
- Every fourth educational organization experienced misconfiguration of cloud services in the first few months of the pandemic.
“To minimize the risk and impact of human errors, we recommend investing in security training and easy-to-use collaboration tools. The latter will eliminate the temptation to share sensitive records through unsanctioned solutions, while giving the IT team enough control and auditability. Also look for ways to leverage automation to augment the IT team’s efforts. For instance, data classification will help them focus their security efforts on the most critical data, while automating audit trail collection and analysis will enable them to detect and investigate incidents faster.” – Ilia Sotnikov, Vice President of Product Management at Netwrix
The survey was conducted online in June 2020 to understand how the pandemic and ensuing educate-from-home initiatives changed the IT risk landscape to protect from education cybersecurity.
Image licensed from Adobe Stock.