Intelligent CIO Europe Issue 15 - Page 76

INDUSTRY WATCH An additional issue here is that creativity is not limited to just the students. For example, the university’s technology management teams, with their wide remit and increasingly low funds, often search and find ways to solve network problems with creative scripting and workarounds. This creativity leads to network environments which are highly complex, creating a much larger attack surface area as a result. Protecting a university’s network and data In today’s world of rapid growth in personal devices, it is vital that universities implement radical changes to the design of networks. Universities must invest in their digital environment and ensure that they modernise data management practices, remove complexity and isolate sensitive services from student activity. They also must enable the online environment to understand threats quickly and react accordingly. For example, AI threat detection and automated threat response can detect malicious activity and restructuring the environment can isolate sensitive services from student activity. By restructuring and investing in their digital environment, universities will be able to offer internal and external nefarious attackers fewer opportunities to attack, as well as less time to do so. Cybersecurity as a priority The internal and external threat to universities’ cybersecurity is real and it is crucial that universities understand it as such. When it comes to data and network security, complacency is the real danger. Universities should invest in their own cyberspace security and reduce the need for in-house security teams to become creative when it comes to network problem solving. By investing in cybersecurity and redesigning their networks, universities can be safer from internal and external threats, keeping valuable data out of hands of hackers and networks up and running. Steve Mulhearn, Director of Enhanced Technologies at Fortinet, offered some additional thoughts on university 76 INTELLIGENTCIO ////////////////////////////////////////////////////////////////////////// institutions securing their network infrastructure against hackers: The importance of a secure and stable network connection for staff and students at universities We must remember that the network as a whole is now as important to infrastructure as electricity and gas. Everybody relies on that network for it to be available and as trouble-free as possible. From our perspective, very often this level of infrastructure is almost just expected to work. As soon as that network isn’t available, the damage and disruption it causes to staff and students is outrageous. All of a sudden, everything they’re doing from a sharing perspective; from information sharing, from access to social media and even just publishing their own information, is absolutely critical. It is now that fourth emergency service for them. Network safeguarding when research suggests hackers could be students One of the startups I created was with the University of Michigan. Whilst working with them, we accessed a network to understand student behaviour which gave me a great insight into how they do what they do. The insider threat in those environments is significantly higher than probably any other area in our customer base. I could have a disgruntled employee, but that doesn’t mean they’re going to do something malicious. I always break it down into three groups; mischievous, malicious and criminal. Unfortunately, the students fall into the first two. Mischievous – can I just do it? Malicious – can I do it and improve my grades? The insider threat comes from mischievous and malicious activity. It’s typically not from criminal activity because that would lead to organised crime and I would hope that university students aren’t into organised crime. Implementing radical changes to the design of university networks I think this is very important. Very often we discuss how they can reduce the risk to their network. It’s not just about bigger, better, faster. It’s also about understanding risk and historically, universities haven’t been risk- averse – they’ve actually accepted quite a high level of risk in the level of access they’ve given students in open networks and sharing of information. This assumes a trusted user but unfortunately, that isn’t true. Universities almost have to reassess it and question how they protect themselves from inside and outside threats. Many universities don’t even know where their critical assets sit and obviously with the standards of GDPR, they must now protect this data and be aware of its location and importance. This information is worth a fair amount of money on the black market, so universities must understand the design. It’s all about segmenting the network internally and not just at the perimeter – this is a way of modernising part of a university’s data management. Using technologies such as AI to detect threats and automate processes I think you have to be honest about what AI can do. I don’t like the term ‘Artificial Intelligence’ because for me, if you take the science fiction view of it, is not what we do. What a lot of systems do today is Augmented Intelligence and Machine Learning. These technologies have a huge part to play because of the lack of resources and operational staff that these institutions have. So, they can help them quite dramatically. An area I’ve worked in for quite some time is behavioural analytics. I’m not looking at 95% of people, I’m looking at the 5% of people that do something different and if I can do that and Augmented Intelligence and Machine Learning can help me, that’ll enable me to spot suspicious targets. If I can see it, I can do something about it. If I’ve got no visibility of it, I’m never going to do anything about it. Restructuring a university’s digital environment to benefit the institution I think it’s about efficiencies – using technology in the right place and not just throwing it at anything. Everybody talks about Digital Transformation – in government, in local government, in universities – that must go hand-in-hand with security transformation. Therefore, when you’re restructuring the university’s digital environment, you’re looking to get people working on what’s most important. n