A growing number of data breaches in the higher educational sector are raising concerns about the ability of colleges to protect sensitive information. These breaches not only put students' and faculty data at risk, but also cause reputational damage and financial losses.
Many educational organizations are taking these concerns to heart and making a commitment to focus on securing their network infrastructure. With students back on campus this month, where is your institution on the path to better cybersecurity?
Higher Ed Ranks High on List of Targets
Education tied with business as the second most-breached-sector last year, with healthcare being the only industry to experience more incidents.
So far this year, at least seven universities and community colleges have reported data breaches, according to the Privacy Rights Clearinghouse database. In total, the database contains 722 reported digital data breaches in the sector between 2005 and 2016, with an estimated more than 14.7 million records compromised. The actual number could be much higher.
Why Is Higher Ed An Attract Target?
What makes educational institutions an attractive target is the high volume of data that’s valuable on the dark market — from the social security numbers of thousands of students and faculty members to financial information.
But that’s not all. Higher education infrastructures are complex with 24/7 open networks, connections to high numbers of mobile devices, and a growing reliance on IoT (Internet of things) technologies like smart lab equipment, doors and security cameras. Adding to the problem are the resource limitations of campus IT departments to manage it all.
Steps for Improving University Cybersecurity Effectiveness
To address these challenges, colleges need to develop a strong campus cybersecurity posture with a comprehensive approach that includes:
- Incident response planning: Just as you plan for major disasters and other campus emergencies, you need a cybersecurity incident response plan. Instead of scrambling to react during a crisis, you can use your incident playbook and training and feel confident about the steps that need to be taken. The plan should also identify your breach response team and help you create practice scenarios.
- Threat assessment: Even for organizations with extensive in-house cybersecurity expertise, objectively assessing vulnerabilities and security is difficult. We recommend working with a third-party vendor that has experience in the industry — these experts keep abreast of the latest threats and can work with your in-house team to provide an independent audit and suggest path for a more cyber secure campus.
- Cohesive fabric of cybersecurity solutions: Using disparate systems and platforms to manage various aspects of cybersecurity is ineffective. You need a cohesive fabric that considers every aspect — including mobile devices — and weaves together all your security technologies on one platform that can be managed centrally, and allows multiple products to interoperate and share threat information easily.
Cybersecurity is an ongoing process, not a one-time initiative you can tackle overnight. A partner of Fortinet, Resilient Intelligent Networks can help you develop a reliable, adaptive higher education network security infrastructure with best-of-breed technologies to prepare you for this year’s threats as well as those to come.