The Primary Factors Driving Cybersecurity Investments in Education

Today’s schools are technology-rich environments. For example, they have long used internal systems to keep and track a variety of records, including the personal data of their students and faculty. Today, however, that tech infrastructure must be optimized to accommodate the shift to a new digital education model.

Teachers are increasingly adopting new digital learning tools, with $9 billion being spent on K-12 digital curriculum tools in 2016. While schools often provide some devices for faculty and students, bring your own device (BYOD) policies are becoming increasingly prevalent. This influx of uncontrolled devices and digital tools is forcing a change of focus in education cybersecurity and network design.

Schools Are Becoming More Tech Reliant

With 50 percent of teachers saying that desktops, laptops, or tablets are used at least once a day in the classroom, schools’ IT departments have the challenge of building an infrastructure that can support a variety of devices from multiple manufacturers, prioritize requests, and follow compliance standards. In addition to smooth day-to-day operations, schools must also ensure their network and connected devices have a strong cybersecurity component. As technology becomes more pervasive and cyber threats become more sophisticated, educators are reprioritizing their security posture.

Trends and Attack Vectors Inspiring Cybersecurity Investments

BYOD policies are one of the core drivers of cybersecurity investments at schools. It’s common for students and faculty to bring multiple personal devices to campus, with 65 percent of school systems expected to see two or more devices per student connected to their networks by 2019.

This poses an interesting dilemma for IT teams: how do you provide network security when you have limited control over the endpoints that will be connecting to your environment? With students and faculty bringing their own personal devices, which they connect to multiple networks, it can be hard to enforce security.

In addition to having strong network perimeter defenses, schools should implement internal segmentation, so that should a device become infected the rest of the network will not be compromised. Beyond network security, the increasing number of devices can also put strain on a school’s bandwidth. This means schools should consider investing in quality of service tools, such as caching, which can filter and prioritize requests to ensure and maintain higher network speeds, and a better user experience.

Sophisticated Cyber Threats Seek the Data that Schools Store

While students and faculty are increasing the number of devices and applications that have access to their school’s network, cybercriminals are searching for vulnerabilities they can exploit, be it an insecure application or endpoint, or an uninformed user. Cyber threats are constantly becoming more sophisticated. Motivated by a desire to exfiltrate sensitive data to be sold on the dark web, schools are high impact targets for cybercriminals because they house personally identifiable information, health records, and financial information.

Ransomware, the most recent wave of cybercrime, has also hit the education sector hard, with 13 percent of surveyed schools reporting their networks have been infected with a version of this malware. These attacks can cripple a network, and are often spread through phishing attacks proliferated through email. With this is mind, schools need to consider the security posture of their email servers, and ensure their firewalls are updated to detect and reject known versions of ransomware.

Increased Application Use on the Network Expands the Threat Surface

Applications are another popular attack vector cybercriminals seek to exploit. Digitized curriculums mean increased application use in the classroom, while students are using their devices to access social applications and more, all while connected to the network. The 2016 Verizon Data Breach Investigation Report found that web application attacks are the number one source of data breaches. Unpatched vulnerabilities or insecure code in web apps put schools at high risk. The success rate of these attacks has moved application security, such as web application firewalls, to high priority among IT teams.

Cybersecurity Must Comply with Government Regulations

For many industries, robust cybersecurity is considered a best practice that helps avoid the financial, reputation, and productivity damages that can result from a cyberattack. However, for industries like education, healthcare, and finance, cybersecurity is also legally mandated.

To ensure the safety of students, there are many government regulations that school cybersecurity programs must comply with. Among these are CIPA, HIPAA, and FERPA. When building up a cybersecurity infrastructure these rules cannot be overlooked, as they can result in fines or in some cases, loss of funding. Broadly, these rules ensure that unauthorized parties are not able to access any personally identifiable information. However, CIPA (the Children’s Internet Protection Act), also places restrictions on the types of content that are accessible to children. This means that schools IT teams also need to factor features such as content filtering into their cybersecurity programs.

Final Thoughts

Educational institutions are in an especially vulnerable position when it comes to cyberattacks. They house the sensitive information that hackers specifically seek, are running a wide variety of often unprotected end points, and are often constrained by budgets and other resources.

Nevertheless, technology use will only continue to grow in schools, while at the same time, cyber threats will continue to become both more frequent and sophisticated. Schools have to consider every attack vector, especially those mentioned above, when investing in cybersecurity tools. In addition to these key trends, schools should also consider their limited IT resources when adopting new tools in order to reduce the overhead needed to effectively manage, update, and integrate these tools for increased visibility and control.