Universities are home to vast networks of academic research, personal information, and educational material. Not to mention the thousands of users that access this data from different geolocations and unsecured networks.
This means that the education sector is a prime target for cybercriminals even though it’s often overlooked in the cybersecurity conversation.
University systems also contain extensive proprietary information and pioneering research across diverse industries. Such data can be highly valuable, and in the wrong hands, can cause plenty of harm.
In 2019, 19 years worth of data was compromised at the Australian National University in Canberra in a vicious cyberattack. The report published by the university regarding the attack later revealed two factors. One, it was a highly sophisticated attack and two, the hackers gained access through a single phishing email in 2018.
The intrusion was only detected months later.
The ongoing COVID-19 pandemic has only aggravated these risks. With the expansion of the attack footprint due to distance learning, this threat has only increased.
So, how can university cybersecurity be improved to adapt to a post-COVID-19 world? What steps can universities take to safeguard themselves against cyber threats? In this post, we look at what you can do to improve university cybersecurity and protect valuable data from hackers.
Work on securing BYOD environments
Students and faculty members bring their devices to campus; a fact of university life.
Savvy institutions will take control of university cybersecurity with a programme that balances awareness training and smart security policies. In a university setting, this can often seem time-consuming and impossible to achieve. Despite this, steps need to be taken to provide users with general cybersecurity awareness training.
This includes awareness about:
- Clicking email links from unknown sources, which can lead to phishing attacks.
- Connecting to unknown Wi-Fi accounts, which can give hackers easy access to university networks.
Another way to ensure the safety of devices across the network is to enforce reasonable security policies. University cybersecurity teams could set limits to the types of OS, memory, storage, and processing used, for instance, to secure online access.
Take a collaborative approach to address cyber risks
They say that knowledge is power. If authorities had access to information about past cyber incidents, for example, they could then take steps to guard their systems from risks.
Hackers are always working together and sharing knowledge to compromise your data and systems. Just as countries align against a common enemy, universities must adopt a similar posture to safeguard their data and systems.
This may be why it is more effective to take a collaborative approach to mitigate cyber risks. Risk management and information security departments could work together to:
- Conduct regular reviews of security policies
- Develop incident response plans
- Conduct real-time tabletop exercises
- Conduct internal network or external network penetration testing to identify gaps in networks
This could help professionals ensure that they have the necessary resources to respond quickly and effectively to cyber attacks. If this is not something university security teams are equipped to do, working with cybersecurity experts can be very useful.
Take steps to improve university cybersecurity with the right security strategies
The pandemic continues to affect individuals around the world.
This means that the primary focus for universities remains on the health and safety of their students and faculty members. The increasing complexity of the threat landscape, however, means that the time is now to review your university cybersecurity capabilities.
The impact of not addressing key security vulnerabilities can place confidential data and systems in jeopardy. It can also have significant financial and reputational effects. This is why universities need to invest in understanding their cyber risks and implement effective methods to mitigate both current and emerging cyber threats.