How to implement a successful cybersecurity programme
Priyanka Roy, product consultant at ManageEngine, lays out the seven essential steps for a successful information security programme
Making up more than 6% of the gross world product, the global education sector has been growing at a 4.5% compound annual growth rate and is forecast to be worth $10tn by 2030. As the education sector continues to grow, so does the rate of digitisation in schools. More and more schools are implementing digital solutions to track student performance, schedule classes, monitor assignments, and perform other tasks.
Related news: NCSC releases first cyberthreat assessment for universities
The National Cyber Security Centre has released a report today outlining the threats facing UK universities and steps they can take to protect themselves. Read the full article here.
But as educational institutions continue to collect increasing amounts of student information, the responsibility to secure this data also exponentially increases. According to a BBC report, university research projects are major hacking targets, and universities in the United Kingdom were targeted with 1,000 cyberattacks in 2018. In the month of March 2018 alone, more than 300 universities fell victim to an orchestrated attack by Iranian hackers who managed to access 31 terabytes of “valuable intellectual property and data”.
What kind of information is at risk?
Educational institutions store immense amounts of highly sensitive information, like contact information, academic records, Social Security numbers, financial information, and health records, which makes them lucrative targets for hackers. To top it all off, many universities conduct government-sponsored research, which may contain critical government information. Data assets like these fetch thousands of dollars on the dark web.
Many universities conduct government-sponsored research, which may contain critical government information. Data assets like these fetch thousands of dollars on the dark web.
How do we combat the threats that the education sector faces?
Although cybersecurity challenges aren’t unique to the education sector, what’s particularly worrying is that the education industry ranked last out of 17 industries assessed by SecurityScorecard. According to the report, the three biggest security challenges the sector faces are application security, patching cadence, and network security.
As hackers continue to grow more skilled at stealing information, the education sector needs to step up its efforts to protect its highly sensitive systems and information. Setting up an information security programme is key to overcoming these security challenges.
Educational institutions need to go through the following steps to implement a successful information security programme:
- Establish an information security team: The first step in establishing an information security management programme is to set up the security champions of the institution. The ideal team is comprised of an executive group responsible for driving the strategy and establishing the objectives, and a cross-functional group responsible for day-to-day IT security operations.
- Identify information assets: The next most important step is conducting an inventory of all information assets the institution possesses, including information from third parties, to establish ownership. The inventory should be categorised based on the criticality of the stored information.
- Assess the current security posture: Once all information assets are identified and categorised, the institution should conduct a detailed analysis of potential risks and vulnerabilities.
- Manage risks: Next, the risks and vulnerabilities should be prioritised based on their likelihood and possible impact. A detailed risk register usually includes all potential vulnerabilities, along with the relevant controls required to mitigate these risks.
- Monitor all critical infrastructure: Lack of monitoring may cause many schools to fall for unforeseen attacks. Monitoring tools keep an eye on network activities to ensure that unauthorised actions are caught as and when they occur. They also track activities taking place in all network devices, such as firewalls, routers, and servers, while log analysers can closely monitor all event logs and syslogs.
- Create an incident response plan: A good incident response plan clearly defines the process to be followed in a security incident, and identifies what needs to be done, who should be informed, and the steps to ensure timely resolution. A best practice is to identify the tools required during various stages of incident management, such as a help desk tool to log incident tickets and assign technicians.
- Spread awareness and conduct trainings: Conductingregular training and awareness exercises for all stakeholders ensures the success of the entire security programme. All staff and students should be periodically trained on cybersecurity best practices, as internal threats continue to be one of the weakest links in the security practices of organisations across sectors.
The challenges the education sector faces may seem overwhelming, but there are plenty of ways to effectively protect IT networks. A proactive approach ensures the safety of the immense amount of information that schools store. Strong access controls, authentication mechanisms, and constant monitoring of all databases that store information will help educational institutions achieve their cybersecurity goals.