Report: More IoT Device Exposures Seen in Education Institutions

Education institutions have a 14x higher rate of Internet of Things device exposures compared to other industries, according to a recent report from RiskRecon and cybersecurity research firm Cyentia Institute. Researchers analyzed millions of internet-facing hosts controlled by more than 35,000 organizations to find out what types of IoT devices are prevalent in enterprise environments, and how exposed IoT devices can correlate with other security-related risks.

In the education sector, 6.6 percent of organizations had exposed IoT devices, compared to the base rate of 0.5 percent across industries. Taking all industries into account, the top three types of exposed IoT devices were: cameras, "management interfaces" (meaning a variety of devices using generic IoT development software) and printers. Of those exposed devices, the researchers found, 85.7 percent had "critical" security issues that could result in serious compromise.

Organizations with exposed IoT devices also had a 62 percent higher density of other security issues. The biggest increase was seen in network filtering and software patching issues, which both jumped at least 60 percent in correlation with exposed IoT devices vs. non-exposed IoT devices.

The full report is available on the RiskRecon site (registration required).

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • glowing digital brain interacts with an open book, with stacks of books beside it

    Federal Court Rules AI Training with Copyrighted Books Fair Use

    A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.

  • server racks, a human head with a microchip, data pipes, cloud storage, and analytical symbols

    OpenAI, Oracle Expand AI Infrastructure Partnership

    OpenAI and Oracle have announced they will develop an additional 4.5 gigawatts of data center capacity, expanding their artificial intelligence infrastructure partnership as part of the Stargate Project, a joint venture among OpenAI, Oracle, and Japan's SoftBank Group that aims to deploy 10 gigawatts of computing capacity over four years.

  • laptop displaying a phishing email icon inside a browser window on the screen

    Phishing Campaign Targets ED Grant Portal

    Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal.