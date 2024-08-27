Netwrix: 77% of Educational Institutions...

August 2024 by Netwrix

It reveals that 77% of organisations in the education sector spotted a cyberattack on their infrastructure within the last 12 months, up from 69% in 2023. The most common attack vectors were similar to those among other industries: Phishing, user account compromise, and ransomware or other malware attacks.

In the education sector, almost half (47%) of organisations faced unplanned expenses to fix security gaps because of a security incident. Moreover, one in seven of those organisations incurred compliance fines, and each tenth reported changes in senior leadership and lawsuits.

“An incident can reveal security gaps such as excessive admin privileges, dormant accounts, weak or unchanged passwords, default passwords or configurations, and unpatched systems due to negligence or lack of knowledge. Fixing a gap might not immediately require spending additional money but will definitely require time from the IT security team. In other words, addressing the root cause of a security incident results in additional investment, in either money or effort, or both,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

“In the aftermath of a breach, organisations must prioritise remediation steps to reduce risks moving forward. For example, the immediate response may include patching software on the most critical servers and adding a manual review step on certain operations. Longer-term remediation may have to wait for the next budget cycle and require additional software, services engagement, or headcount,” says Ilia Sotnikov, Security Strategist at Netwrix.