The most common threat patterns in the education sector were driven by the human factor, Netwrix survey reveals
Netwrix, a cybersecurity vendor that makes data security easy, today announced education market findings from its 2020 Cyber Threats Report. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing educate-from-home initiatives changed the IT risk landscape.
Since the transition to remote learning, educational institutions have become increasingly concerned about IT risks. 33% of them say they are more vulnerable to cyber threats than they were pre-pandemic, which is higher than any other vertical analyzed. 89% of them admit to having new security gaps caused by the rapid transition to remote education — again the highest finding among all industries.
The overwhelming majority (92%) of educational institutions consider improper data sharing to be a top security risk. This worry is well-founded: 41% of respondents reported that they had suffered such incidents in the first few months of the pandemic, making it one of the most common threat scenarios experienced. Other types of incidents reported included phishing (50%) and administrator mistakes (31%).
Other findings discovered by the survey include:
- 78% of the educational institutions that feel they are at greater risk now than before the pandemic are concerned that users may ignore security guidelines.
- Concern about malicious actions by rogue admins dropped from 92% to 9%. Indeed, only 12% had such incidents, but they had the longest dwell time: 43% of respondents needed weeks or months to detect the issue.
- Every fourth educational organization experienced misconfiguration of cloud services in the first few months of the pandemic.
“To minimize the risk and impact of human errors, we recommend investing in security training and easy-to-use collaboration tools. The latter will eliminate the temptation to share sensitive records through unsanctioned solutions while giving the IT team enough control and auditability. Also, look for ways to leverage automation to augment the IT team’s efforts. For instance, data classification will help them focus their security efforts on the most critical data while automating audit trail collection and analysis will enable them to detect and investigate incidents faster,” said Ilia Sotnikov, VP of Product Management at Netwrix.
To get the complete findings of the Netwrix 2020 Cyber Threats Report visit: https://www.netwrix.com/2020_