The US Education Sector Is Under Siege

Uploaded on 2024-09-13 in NEWS-Cybersecurity News, FREE TO VIEW

Netwrix, a cyber security that delivers effective cyber security services to any organisation, has surveyed 1,309 IT and security professionals globally and recently released their findings for the educational sector based on the data collected.

It reveals that 77% of organisations in the education sector spotted a cyberattack on their infrastructure within the last 12 months, up from 69% in 2023. 

The most common attack vectors were similar to those among other industries: Phishing, user account compromise, and ransomware or other malware attacks. In the education sector, almost half (47%) of organisations faced unplanned expenses to fix security gaps because of a security incident. 

Moreover, one in seven of those organisations incurred compliance fines, and each tenth reported changes in senior leadership and lawsuits. “An incident can reveal security gaps such as excessive admin privileges, dormant accounts, weak or unchanged passwords, default passwords or configurations, and unpatched systems due to negligence or lack of knowledge... Fixing a gap might not immediately require spending additional money but will definitely require time from the IT security team."

“In other words, addressing the root cause of a security incident results in additional investment, in either money or effort, or both,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

In the aftermath of a breach, organisations must prioritise remediation steps to reduce risks moving forward. For example, the immediate response may include patching software on the most critical servers and adding a manual review step on certain operations.  

“Longer-term remediation may have to wait for the next budget cycle and require additional software, services engagement, or headcount,” commented s Ilia Sotnikov, Security Strategist at Netwrix.

Netwrix   |    Dark Reading   |   

Image: Tumisu

You Might Also Read: 

Dealing With Security Incidents In The Enterprise Sector:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Who Are The Top 10 Cyber Security Companies?
Who Are The Top 10 Cyber Security Companies? [extract] »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Crosspoint Capital Partners

Crosspoint Capital Partners

Crosspoint Capital Partners is a private equity investment firm focused on the cybersecurity and privacy sectors.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

BT Security

BT Security

BT provides telecommunications and network infrastructure services to keep businesses around the world connected and secure.

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center is a state-of-the-art facility to deliver advanced cyber training programs and build the next generation of Azerbaijan’s cybersecurity professionals.

Xeol

Xeol

Software free of vulnerabilities, built and distributed by trusted entities. Our mission is to help customers secure their software from code to deploy.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.