The US Education Sector Is Under Siege

Netwrix, a cyber security that delivers effective cyber security services to any organisation, has surveyed 1,309 IT and security professionals globally and recently released their findings for the educational sector based on the data collected.

It reveals that 77% of organisations in the education sector spotted a cyberattack on their infrastructure within the last 12 months, up from 69% in 2023. 

The most common attack vectors were similar to those among other industries: Phishing, user account compromise, and ransomware or other malware attacks. In the education sector, almost half (47%) of organisations faced unplanned expenses to fix security gaps because of a security incident. 

Moreover, one in seven of those organisations incurred compliance fines, and each tenth reported changes in senior leadership and lawsuits. “An incident can reveal security gaps such as excessive admin privileges, dormant accounts, weak or unchanged passwords, default passwords or configurations, and unpatched systems due to negligence or lack of knowledge... Fixing a gap might not immediately require spending additional money but will definitely require time from the IT security team."

“In other words, addressing the root cause of a security incident results in additional investment, in either money or effort, or both,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

In the aftermath of a breach, organisations must prioritise remediation steps to reduce risks moving forward. For example, the immediate response may include patching software on the most critical servers and adding a manual review step on certain operations.  

“Longer-term remediation may have to wait for the next budget cycle and require additional software, services engagement, or headcount,” commented s Ilia Sotnikov, Security Strategist at Netwrix.

Netwrix   |    Dark Reading   |   

Image: Tumisu

You Might Also Read: 

Dealing With Security Incidents In The Enterprise Sector:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Who Are The Top 10 Cyber Security Companies?
Who Are The Top 10 Cyber Security Companies? [extract] »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NCX Group

NCX Group

NCX Group is committed to helping customers identify and mitigate the risks inherent in today’s interconnected environments and business processes.

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

Zayo

Zayo

Zayo is a leading global bandwidth infrastructure services provider for high-performance connectivity, secure colocation and flexible cloud services.

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau

Lithuanian National Accreditation Bureau is the national accreditation body for Lithuania. The directory of members provides details of organisations offering certification services for ISO 27001.

Blockchain Firm

Blockchain Firm

Blockchain Firm is a leading Blockchain based software solutions and service provider with our roots of expertise running deep into the technology.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

Virtual Infosec Africa (VIA)

Virtual Infosec Africa (VIA)

Virtual InfoSec Africa (VIA) is a wholly-owned Ghanaian company specializing in information security and cybersecurity solutions and services.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group) is a USA based digital transformation company with expertise in Mobile, Cloud, Web, IoT, AR, RPA, Cyberseurity and AI Technologies.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.

Core42

Core42

Core42 provides a full-spectrum of AI enablement solutions covering cloud, data, cybersecurity and digital services designed for customer success.