Intelligent CIO Europe Issue 15 - Page 75

INDUSTRY WATCH T he biggest cybersecurity threat to universities and how to make cybersecurity a priority according to Colin Truran, Principal Technology Strategist, Quest Software. As today’s modern campus relies on online services to power its learning and teaching environment, a greater number of devices belonging to students or staff connected to the network are exposing universities to cyberthreats. In turn, valuable data such as breaking research, students’ personal information and employee information, which is collected and kept on file by universities is in danger of being used for nefarious means by hackers. In addition to data being misused, universities are at risk of suffering reputational damage if they are unable to keep their network safe. The biggest cybersecurity threat As universities own a wide pool of valuable data, their networks are being targeted by a range of different tactics such as phishing attacks or ransomware, as well as a range of hackers – from nation states, to traditional, independent hacking groups. However, recent findings by Jisc, the UK’s not-for-profit organisation offering digital services and solutions to UK higher, further education and skills sectors, found that the biggest threats to universities’ cybersecurity are the students and staff. Based on data which Jisc has been collecting for years, the organisation concluded that it is highly likely staff and students are to blame for attacks for one reason – timing. According to Jisc, attacks on universities dramatically decrease during holidays such as Christmas, Easter, half-terms or summer holidays. This pattern could signal that attackers are in fact students or staff, or someone very familiar with the academic cycle. Steve Mulhearn, Director of Enhanced Technologies at Fortinet Additionally, Jisc found that attacks usually start between 8am and 9am, quieten around lunchtime but ramp up around 1pm and 2pm. Look within the network Students and staff are the core of each educational establishment and as such, it is difficult to imagine the biggest cybersecurity threat coming from within. However, the university’s large and inadequately secured network often enables malicious activity by being an easy target. Whilst universities are expected to offer all students the ability to connect their devices to the network and access the university’s digital services, this presents a challenge when it comes to preventing malicious activity and uncontrolled sensitive data sprawl due to poorly designed networks. These complex and large networks not only open universities to cyberthreats but also prevent the educational establishment from offering a stable, secure connection to its digital services for the many devices of students and staff. INTELLIGENTCIO 75