Education sector poorly prepared for cyberthreats
Data is a vital resource in the education sector and increasingly schools and colleges store information in digital form. Digital technology is also moving into the classroom, but of course all this comes with greater risk.
Yet according to new research from security rating service SecurityScorecard, across 17 industries in the US education comes second to last in terms of total cybersecurity.
According to the report education performs poorly in several key areas of cybersecurity. It also shows that hackers have become increasingly adept at stealing school and student data, but the education industry is no better prepared to deal with these malicious threats.
"There were four areas where we found especially poor performance," says Sam Kassoumeh, co-founder and chief operating officer of SecurityScorecard. "We measure across different areas of the landscape because cyber security has many layers. In education we saw poor performance in application security, endpoint security, patching cadence, and network security."
The education sector collects a large, and increasing, amount of personal data about its students, securing networks and protecting data is essential.
"Education is a complex and fragmented landscape. It's not like a corporation where there are many different networks for different parts of the business and geographic locations, but which are all under strict and uniform control," adds Kassoumeh. "In universities there's a segment of the network that is responsible for housing computers that belong to the faculty, but there's another side which is bring your own device, so it's like an open guest Wi-Fi network. It doesn't have the same strict controls and endpoints aren’t uniformly configured with protection. Ultimately this raises the overall vulnerability of the environment."
The report concludes that the education sector needs to look at how it protects its systems, but also at working to raise the overall level of security awareness among its student population.
You can read more in the the full report which is available from the SecurityScorecard site.