3 in 4 Education Institutions Have Identified a Cyber Attack on Their Infrastructure in the Past Year

Seventy-seven percent of institutions across K-12 and higher education have uncovered a cyber attack on their infrastructure within the past 12 months, according to a new survey from cybersecurity company Netwrix. That represents a significant increase from 2023, when 69% of education organizations reported the same.

For its 2024 Hybrid Security Trends Report, Netwrix surveyed 1,309 IT and security professionals from a variety of industry sectors in 104 countries, to find out about their IT infrastructure, security challenges, and more. Education-specific survey results were released in a separate report, "Additional Findings for the Education Sector."

The most common attack vectors in education were phishing, user account compromise, and ransomware or other malware, the report found. Of the institutions that experienced a security incident, 47% reported facing unplanned expenses to fix security gaps, while 42% said they experienced no impact. Other cyber attack consequences included compliance fines (cited by 14% of respondents), change in senior leadership (11%), loss of competitive edge (11%), and lawsuits (10%).

Respondents were also asked about their biggest data security challenges. Fifty-one percent pointed to a lack of budget for data security initiatives; 47% said mistakes or negligence by business users; and 45% said an understaffed IT/security team.

"While educational institutions may have the same complexity as large organizations, they typically lack matching budgets and resources to deal with their dynamic environments," commented Ilia Sotnikov, security strategist at Netwrix, in the report. "It is crucial for the IT security teams in the education sector to have processes and tools in place to govern the identities, audit their activity, and monitor for any abnormal or malicious behavior."

The full report is available on the Netwrix site here.

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • Federal Ban of Kaspersky Sales Cites 'Unacceptable' Security Risk

    Effective this fall, the United States government has ordered a ban on all sales of Kaspersky Lab software to businesses and private citizens due to concerns about cyber espionage.

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • abstract representation of equity at the core of AI

    Why Equity Must Be a Core Part of the Conversation About AI

    AI is an immensely powerful tool that can provide customized support for students with diverse learning needs, tailoring educational experiences to meet student’s individual needs more effectively. However, significant disparities in AI access and digital literacy skills prevent many of these same students from fully leveraging its benefits.

  • A glowing blue shield at the center, surrounded by digital lines and red dots

    Cohesity Adds CrowdStrike Threat Intelligence to Data Protection Platform

    Data security provider Cohesity has integrated CrowdStrike threat intelligence to its flagship data protection platform.