Name: Jonathan Kaftzan
Job title: VP Marketing Tel Aviv, Deep Instinct
For cyber-criminals seeking high-value targets, educational institutions are especially attractive. Essential to society and the economy, schools and universities also store reams of sensitive data.
According to a recent survey by the Department for Digital, Culture, Media and Sport, 80% of UK higher educational institutions, 76% of secondary schools, and 41% of primary schools have experienced a breach or attack in the previous year, compared to 46% of all UK businesses.
From losing students’ coursework and exams to having to temporarily shut down schools, educational institutions are finding themselves forced to address an increased number of breaches and the resulting fallout.
80% of UK higher educational institutions, 76% of secondary schools, and 41% of primary schools have experienced a breach or attack in the previous year
Remote learning amid the COVID-19 pandemic has dramatically expanded the threat surface, as administrators and security professionals vie to protect their data and resources without the benefit of the traditional network perimeter model of security. They’ve been dealt a nearly impossible hand, struggling to protect numerous endpoints distributed across multiple locations against countless threats, all within a limited budget.
While UK primary schools have begun reopening following three months of lockdown, some have had to keep their doors shut amid new local outbreaks, and with the novel coronavirus likely to remain a threat for the foreseeable future, UK Health Secretary Matt Hancock has suggested that secondary schools may not reopen in September. This raises the prospect of elevated cybersecurity threats to UK educational institutions for at least several more months.
Schools and universities should prioritise improving their cybersecurity posture and implement solutions that account for the unique difficulty of ensuring ongoing security for diverse endpoints
Given educational institutions’ longstanding vulnerability, now exacerbated by COVID-19, schools and universities should prioritise improving their cybersecurity posture and implement solutions that account for the unique difficulty of ensuring ongoing security for diverse endpoints.
Unprecedented cybersecurity challenges
Rapidly evolving and becoming ever-more sophisticated, today’s cyber threats are inherently challenging, even for large enterprises. For schools, particularly those located in smaller and under-resourced local regions, it’s all the more vexing.
As students join classes using their personal computers and home WiFi networks, the number of potential attack vectors has rapidly proliferated. Imagine students, teachers, administrators opening phishing emails remotely across thousands of endpoints under thousands of different servers, and it’s easy to see how the damage of a cyber-attack could spread like wildfire.
As students join classes using their personal computers and home WiFi networks, the number of potential attack vectors has rapidly proliferated
Given that minors are less attuned to cyber risks than employees who may have undergone basic IT security training at their workplaces, such risks are especially serious in educational environments.
Autonomous cybersecurity solutions
Faced with limited IT manpower, institutions should prioritise cybersecurity solutions that operate at least somewhat, if not completely, autonomously. The less dependent on human intervention, or increasing the size and costs of the cybersecurity team, the better.
It’s also vital that schools and universities take an approach that emphasises the prevention of attacks. An ex post facto response entails massive investments in incident investigation, resource restoration, and in the worst cases can cause systemwide downtime, which is not an acceptable outcome when students’ ongoing education is at stake.
To enhance their cybersecurity posture, institutions should be mindful of the underlying technology powering different cybersecurity solutions. Most current cyber measures rely on machine learning (ML) algorithmic models, which come with significant drawbacks.
ML algorithms are only as good as the data they’re trained on; in the cybersecurity realm, this means that while ML solutions can often rapidly identify feature characteristics of known malware, they too often fail to identify previously unseen attacks. Moreover, ML systems tend to generate high rates of false positives, requiring substantial intervention from human IT professionals.
Rather than containing attacks, educational institutions can prevent them, whether they’re first-seen or well-known malware, by using independently operating preventative technology. This not only solves the manpower issue, but it also addresses the need to protect countless vulnerable endpoints.
By having the prevention logic loaded onto a lightweight agent that sits on the edge device, endpoints are kept secure, no matter where they are located or what environment they’re in. Securing these endpoints creates a stronger layer of network security which is quintessential with the increase in remotely located endpoints while students are learning from home.
When looking to cybersecurity solutions, institutions should ask a few core questions:
- Does the solution provide autonomous cybersecurity protection?
- Does the solution learn by design from new raw data on emerging cyber threats, or is training dependent on feature engineering?
- Was the solution designed to protect diverse endpoint devices?
- Is the solution capable of thwarting attacks before file execution?
As the pandemic and the ensuing economic downturn force institutions to make tough budgetary decisions, cybersecurity must remain a top priority. Fortunately, autonomous cyber technology makes it possible to secure our learning resources without overburdening IT staff or requiring expensive new hires. Now is the time to act: while the COVID-19 pandemic will likely be with us for some time, cyber threats to education will be with us well after the coronavirus is eradicated.
You might also like: Cybersecurity concerns rise as lockdown drives 1.4m more children to livestream