The perfect storm: How can education institutions protect themselves from cyber threats?

In recent times, education institutions have experienced a huge shift towards digitisation. Remote learning has reshaped how schools and universities approach teaching and the quick fixes that were put in place at the start of the pandemic have been incorporated into everyday learning. But this rapid transition has left many institutions managing increasingly complex IT environments and significant security threats that need to be addressed. These heightened security threats have been particularly acute for the education sector and the recent Government Cyber Security Strategy highlights the need for the whole of the public sector to be resilient to known vulnerabilities and attack methods over the coming years.

With the rise of remote learning, more and more students have been logging on from living rooms and kitchens – education providers’ networks have been exposed to a wealth of potential problems: from the use of new devices to unsecure wi-fi networks and open-source technologies. As a result, education providers are exposed to more vulnerabilities, which their IT teams are struggling to manage like the University of Salford. It really has been the perfect storm, so where do they go from here?

Adopting the right approach

At the onset of the pandemic, many education providers weren’t adequately prepared for the digital transformation forced upon them. Many did not have the capabilities to deliver distanced learning for students and few were equipped to support remote working for their staff. Furthermore, basic security processes were often not in place to help protect institutions against the sudden influx of cyber threats launched by attackers who were looking to exploit organisations making changes to their IT environments and in some cases were looking to steal COVID-19 vaccine related data.

However, it’s difficult to deal with these threats until a centralised cybersecurity map and strong IT infrastructure is in place. IT teams need visibility across cloud infrastructure, end-user tools and data centres to detect threats, protect systems and respond to attacks.

Adopting a centralised cybersecurity approach bridges the gap between security and operations teams within an institution’s most complex environments, and provides a unified view of endpoints across the enterprise. It acts as the single point of truth, giving greater visibility across the entire environment and the ability to make better-informed decisions.

Creating a safe learning environment

We have seen that a lack of resources can result in gaps between IT and security teams, leaving universities open to disruption. These gaps create risk for students, teachers, and administrators, and make it impossible for IT teams to get ahead of the threats.

Ultimately, you don’t know what you don’t know – and this is particularly true when it comes to securing organisations. If you don’t have visibility into your network and what needs to be protected how can you know where the risks are?

A gap in visibility can create a false sense of confidence for IT and security leaders. But, by having access to real-time endpoint data, IT teams can quickly identify and fix any issues. They will be able to see if there is any suspicious activity taking place, what versions of software are installed, and which processes are currently active.

With the right endpoint management system, IT teams can optimise the system and remediate at speed and scale, allowing them to update all endpoints without interrupting employees. They will also be able to ensure that any unpatched and vulnerable devices can be identified and dealt with quickly.

Where do we go from here?

Simple and secure digital solutions that provide visibility, control, and the ability to respond to potential threats quickly are key to a strong, remote-friendly IT infrastructure. Teams should embrace strategies that enable online, bring-your-own-device, and 24/7 learning environments, while protecting sensitive institutional and student data.

However, with good IT hygiene and security, it is not impossible to combat cyber threats. But it is crucial that institutions find the right balance between a reactive and preventative approach.

To further address cybersecurity challenges associated with remote and hybrid learning, together with improved student experiences, education IT leaders should:

• Conduct comprehensive security risk assessments to ensure a strong cyber roadmap and strategy
• Integrate security and operations teams on a single platform for the institution
• Adopt an enterprise-wide approach instead of a bifurcated one
• Invest in workforce and skills development to further infrastructure enhancements

However, until educational IT teams have a centralised cybersecurity approach with a governance plan, or roadmap, it will be extremely difficult to move along the path to digital transformation.

The symptomatic issues we’re seeing in education are no different to what we’re seeing throughout the public and private sectors, though the problems in education are particularly severe due to a lack of resources, shift to remote working and the increase in cyberattacks. But there are opportunities for corrective action. Education providers must start with bringing key internal decision and policy makers together and with comprehensive planning for standardisation across technology environments.

Paul Jackson, Regional Vice President of Public Sector, UK, Tanium