From education to employment

89% of education institutions admit new security gaps due to remote learning – Netwrix research

security

92% of Educational Organisations Consider Improper Sharing of Sensitive Records a Top Security Threat

The most common threat patterns in the education sector were driven by the human factor, Netwrix survey reveals

Netwrix, a cybersecurity vendor that makes data security easy, today announced additional findings from its 2020 Cyber Threats Report, designed to understand how the pandemic and ensuing educate-from-home initiatives changed the IT risk landscape.

Since the transition to remote learning, educational institutions have become increasingly concerned about IT risks. 33% of them say they are more vulnerable to cyber threats than they were pre-pandemic, which is higher than any other vertical analysed. 89% of them admit to having new security gaps caused by the rapid transition to remote education — again the highest finding among all industries.

The overwhelming majority (92%) of educational institutions consider improper data sharing to be a top security risk. This worry is well founded: 41% of respondents reported that they had suffered such incidents in the first few months of the pandemic, making it one of the most common threat scenarios experienced. Other types of incidents reported included phishing (50%) and administrator mistakes (31%).

Other findings discovered by the survey include:

  • 78% of the educational institutions that feel they are at greater risk now than before the pandemic are concerned that users may ignore security guidelines.
  • Concern about malicious actions by rogue admins dropped from 92% to 9%. Indeed, only 12% had such incidents, but they had the longest dwell time: 43% of respondents needed weeks or months to detect the issue.
  • Every fourth educational organisation experienced misconfiguration of cloud services in the first few months of the pandemic.

“To minimise the risk and impact of human errors, we recommend investing in security training and easy-to-use collaboration tools. The latter will eliminate the temptation to share sensitive records through unsanctioned solutions, while giving the IT team enough control and auditability. Also look for ways to leverage automation to augment the IT team’s efforts. For instance, data classification will help them focus their security efforts on the most critical data, while automating audit trail collection and analysis will enable them to detect and investigate incidents faster,” said Ilia Sotnikov, VP of Product Management at Netwrix.

 


Related Articles

Responses