Ed Sector Worse than Others in Virtual Machine Security

  • By Dian Schaffhauser
  • 07/24/14

Nearly every large organization has experienced some kind of "significant" IT security incident in the last year, such as a phishing attack, compliance policy violation or unsanctioned device or application use. One in six have had five or more such events. Yet, only a third of security professionals have any confidence that their operations will be able to address inadequate security controls through investment or upgrade. Four out of 10 security people find it more challenging to manage security problems now vs. two years ago. The four biggest challenges among that group: prevention, diagnosis, remediation and identification.

These are some of the findings of a research project done by IDG Connect for ForeScout, a company that sells security products. The researchers queried 1,600 "IT information security decision makers" in American and European organizations with more than 500 employees. Twenty four percent of the survey respondents were in the education segment.

The report, "State of IT Cyber Defense Maturity," free with registration, stated that education (along with manufacturing and finance) were "more prone" to phishing attack than other segments.

In the areas of policy definition, technical controls and mitigation capabilities, the education sector came out as the least mature. Education also appears to have more issues with virtual machine security (68 percent) and inventory management (65 percent) compared to the industry aggregate (58 percent and 58 percent, respectively).

The education sector was the least confident of any that it would be able to address gaps in security event logging and monitoring tools. Likewise, only a third of education respondents reported that they were "very confident" they could improve security measures for managing mobile devices anytime soon; the remainder were either not or only somewhat confident they could address this area.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • DeepSeek on AWS

    AWS Offers DeepSeek-R1 as Fully Managed Serverless Model, Recommends Guardrails

    Amazon Web Services (AWS) has announced the availability of DeepSeek-R1 as a fully managed serverless AI model, enabling developers to build and deploy it without having to manage the underlying infrastructure.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • college student working on a laptop, surrounded by icons representing campus support services

    National U Launches Student Support Hub for Non-Traditional Learners

    National University has launched a new student support hub designed to help online and working learners balance career, education, and family responsibilities as they pursue their education. Called "The Nest," the facility is positioned as a "co-learning" center that provides wraparound support services, work and study space, and access to child care.

  • laptop displaying a glowing digital brain and data charts sits on a metal shelf in a well-lit server room with organized network cables and active servers

    Cisco Introduces AI-First Approach to IT Operations

    At its recent Cisco Live 2025 event, Cisco announced AgenticOps, a transformative approach to IT operations that integrates advanced AI capabilities to enhance efficiency and collaboration across network, security, and application domains.