The Case For Cybersecurity Operations In Education
By Bob Turner, field CISO for education, Fortinet.
Education technology leaders are continuing to fight the cybersecurity battles. Microsoft reports that education accounted for over 80% of enterprise malware encounters since late February 2022. Sophos ranks education No. 3 in ransomware, with close to 500 attacks occurring in 2021.
While many universities are joining consortiums that provide security operations services, those institutions that have an active Security Operations Center (SOC), are reporting benefits including quick and effective response, decreased costs of breaches and operations, active threat prevention, improved communication and coordination, and availability of security expertise when they need it.
While there is forward motion aimed at providing safe and secure internet experiences for students and faculty, more can be done. With the cost of cybersecurity tools and talent, many programs are “best effort” and usually performed by IT staff who are not full-time security professionals.
Forward-leaning colleges and universities may have managed security services or have invested in a small team of security-focused staff. Others join with partner institutions or state level security operation centers and receive early warning information, allowing them to focus efforts when threats are reported. The rest are still struggling to rationalize the cost for any dedicated security operation.
Data breaches, ransomware attacks and other cyber incidents carry the potential for significant financial damage, among other problems, so colleges and universities have been investing for over a decade in improved talent, cutting edge cybersecurity tools, and continual testing of security controls. They’re also grappling with the need to protect research information and research budgets while also meeting increased compliance requirements that come with sponsored research.
Federal guidelines for protection of sensitive research and administrative data such as the National Institute for Standards and Technology 800-171, the Capability Maturity Model Certification (CMMC), and healthcare information protection laws are major motivators for improved cybersecurity given that personal and regulated data gathered under research projects must be protected.