3 in 4 Education Institutions Have Identified a Cyber Attack on Their Infrastructure in the Past Year

Seventy-seven percent of institutions across K-12 and higher education have uncovered a cyber attack on their infrastructure within the past 12 months, according to a new survey from cybersecurity company Netwrix. That represents a significant increase from 2023, when 69% of education organizations reported the same.

For its 2024 Hybrid Security Trends Report, Netwrix surveyed 1,309 IT and security professionals from a variety of industry sectors in 104 countries, to find out about their IT infrastructure, security challenges, and more. Education-specific survey results were released in a separate report, "Additional Findings for the Education Sector."

The most common attack vectors in education were phishing, user account compromise, and ransomware or other malware, the report found. Of the institutions that experienced a security incident, 47% reported facing unplanned expenses to fix security gaps, while 42% said they experienced no impact. Other cyber attack consequences included compliance fines (cited by 14% of respondents), change in senior leadership (11%), loss of competitive edge (11%), and lawsuits (10%).

Respondents were also asked about their biggest data security challenges. Fifty-one percent pointed to a lack of budget for data security initiatives; 47% said mistakes or negligence by business users; and 45% said an understaffed IT/security team.

"While educational institutions may have the same complexity as large organizations, they typically lack matching budgets and resources to deal with their dynamic environments," commented Ilia Sotnikov, security strategist at Netwrix, in the report. "It is crucial for the IT security teams in the education sector to have processes and tools in place to govern the identities, audit their activity, and monitor for any abnormal or malicious behavior."

The full report is available on the Netwrix site here.

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • cyber security padlock

    AI Adoption Forces Trade-Off Between Speed and Identity Security, Study Finds

    AI adoption is forcing enterprises to trade security for speed — and identity controls are the first casualty, according to a new report from Delinea, a provider of identity security solutions for both human and AI agent identities.

  • abstract colored blocks

    OpenAI Drops Sora Short-Form AI Video Platform

    OpenAI is reportedly dropping Sora, its generative AI model that creates short video clips from text prompts, images, or existing video inputs. The move upends the company's December partnership with The Walt Disney Company.

  • layered glass panels and light trails

    Stanford Online Launches Immersive Learning Studio

    Stanford Online recently marked its 30th anniversary with the announcement of a new immersive learning studio, according to a university news release. The studio takes advantage of AI-powered and immersive learning technologies to continue delivering personalized and faculty-led education.

  • illustration of people collaborating around large interlocking gears and data charts

    Why ERP and AI Initiatives Stall at the Execution Layer: A CIO Perspective

    Higher education institutions are investing heavily in ERP modernization, analytics, and AI-driven capabilities. Yet even with these investments, many are running into the same issue: turning insight into coordinated, timely action.