WHILE SCHOOLS INCREASINGLY RELY ON DIGITAL TOOLS AND PLATFORMS TO ENHANCE LEARNING , MANY LACK ROBUST CYBERSECURITY MEASURES TO SAFEGUARD SENSITIVE DATA .
INDUSTRY WATCH approach , and a multi-faceted one at that . I would like to acknowledge that universities thrive on the sharing of open information and collaboration which creates a unique point for vulnerabilities . That is why , for me , a uniform security strategy will not be effective and there is arguably a need to create a strategy that considers the unique needs of the institution .
According to a report from Sophos , 80 % of K – 12 schools and 79 % of higher education institutions in the U . S . were hit by ransomware attacks in 2022 , a sharp increase from previous years . These incidents highlight the growing threat to educational institutions , where cyberattacks often exploit system vulnerabilities , putting student and staff data at serious risk .
Vichai Levy , VP R & D , Overseeing
Architecture , Protegrity
To mitigate these risks , it is so important that one must conduct thorough risk assessments to pinpoint vulnerabilities specific to the institution . This includes evaluating the security of research data , intellectual property and student information . I would also prioritise compliance with regulations such as FERPA , HIPAA , GLBA and GDPR . Continuous monitoring of systems and networks would also be a priority using robust tools to detect and respond to threats . It ’ s also important to foster a security-conscious culture within the institution .
WHILE SCHOOLS INCREASINGLY RELY ON DIGITAL TOOLS AND PLATFORMS TO ENHANCE LEARNING , MANY LACK ROBUST CYBERSECURITY MEASURES TO SAFEGUARD SENSITIVE DATA .
Weak cybersecurity measures have made educational institutions attractive targets for cybercriminals . Data from the 2024 Sophos State of Education report revealed that 85 % of ransomware attacks on K – 12 schools and 77 % on higher education institutions involved data encryption . The financial toll has been significant , with the cost of recovering from attacks doubling for K – 12 schools and quadrupling for universities .
A key issue is that educational institutions often disclose data breaches slowly . For instance , only 29 % of K – 12 schools publicly disclose cyberattacks , though the actual number of incidents is likely higher . This lack of transparency increases risks significantly , as individuals may remain unaware their personal information has been compromised for an extended period , making it harder to prevent further misuse of stolen data .
To better defend against cyberthreats , CISOs in the educator sector must prioritise investing in comprehensive data protection solutions . Encryption and tokenisation are two powerful techniques that can help shield student and teacher data by making it useless without proper decryption keys . Even if attackers breach a system , encrypted data remains inaccessible .
I would also need to create an incident response plan to minimise any damage and ensure a swift recovery in the event of a breach . Finally , I would make sure of staying up-to-date on emerging threats and technologies to keep the institution ahead of potential issues on cybersecurity .
Vichai Levy , VP R & D , Overseeing Architecture , Protegrity
The frequency of data breaches in the education sector surged in 2023 , compromising the private information of students , parents and educators . This highlights a significant vulnerability : while schools increasingly rely on digital tools and platforms to enhance learning , many lack robust cybersecurity measures to safeguard sensitive data .
Schools must also adopt transparent cybersecurity policies . It is crucial to work with external vendors to ensure all digital tools and platforms meet strict security standards . Additionally , promoting cybersecurity awareness among parents , educators and students can reduce the risk of human error , such as falling for phishing scams .
While the education sector is often overlooked in discussions about data security , it is undeniably a highvalue target in today ’ s threat landscape . Protecting all data is important , but safeguarding the personal information of young students is especially critical . By investing in the right data protection technologies and fostering a culture of cybersecurity , schools can improve their defences and protect the futures of both students and educators . p
68 INTELLIGENTCIO EUROPE www . intelligentcio . com