The universities’ guide to tackling cybersecurity threats

Many contributing factors have made HEIs increasingly attractive and vulnerable to cyber threat actors, resulting in more frequent and severe attacks.

Reliance on decentralised IT infrastructure in higher education institutions

HEIs rely heavily on IT infrastructure to enable day-to-day operations in both education and research. Particularly in recent years, amid a greater shift towards online learning and remote work, there is a growing dependency on IT and online resources. This greater reliance on IT systems exacerbates the threat of disruption, making these institutions ideal targets for ransomware or other attacks where the pressure to resume services will be high. PwC’s Cyber Threats 2022: A Year in Retrospect report drew attention to the high incidence of ransomware attacks on HEIs in 2022, with espionage and cyber crime the leading causes. As these systems are fundamental to the running of HEIs, attackers may feel that their targets will be more inclined to meet ransom demands rather than endure prolonged disruption, thus providing a strong incentive. Additionally, the departmentalised nature of these institutions can lead to a decentralised IT system in many cases, offering further vulnerability in cyber defences that attackers can exploit.

Breadth of information available with relatively open access

HEIs store valuable information on their online servers, attracting more threats than comparable organisations. This includes students’ personally identifiable information (e.g. email address, phone number, billing information etc.), faculty information, research data and intellectual properties. Government-sensitive information may sometimes be stored in universities, adding further risk. The value of the data stored on university systems makes them highly attractive to threat actors. In addition, these institutions are, by nature, built on a free and open exchange of information to inspire and enable collaborative research. As such, they may lack thorough data protection measures and information transfer guidelines, further exacerbating the risk of compromising or losing confidential data, data integrity or access to data. In addition, data breaches in these institutions can damage their reputation and reduce their ability to attract top academic talent, which is pivotal for future growth and development.

Strain on resources and funding

A strain on existing IT resources and funding has led to slower development in cybersecurity measures than expected. With a greater focus in recent years on facilitating remote learning and research, developing the necessary cybersecurity infrastructure to keep pace has fallen by the wayside. A global cyber talent shortage has exacerbated this problem, forcing HEIs into competition with private industry employers for specialised talent. It is hoped that government funding of €3.75 million towards improving cybersecurity in further and higher education and providing security operations centre and security information and event management services via HEAnet will help ease the financial burden for institutions. Ongoing investment and a reallocation of resources will be needed to address the evolving threat landscape and mitigate cyber attack risks.

Four actions higher institutions can take to strengthen cybersecurity

1. Regularly review cyber procedures

Cybersecurity measures should be reassessed regularly to ensure they offer sufficient protection. Alignment (or re-alignment) across departments in IT infrastructure and protocol may also help strengthen institutional defences. Measures such as regular data back-ups and stricter user authentication when accessing resources can also be implemented to mitigate risk and should be assessed regularly for effectiveness.

2. Reallocate or leverage existing IT resources

If budgetary expansions are not feasible, consider prioritising cybersecurity in IT budgets to avoid leaving existing technologies vulnerable. Internal solutions or external partnerships could also improve cybersecurity and should be explored thoroughly. In addition, existing software (such as Microsoft 365) can be configured to ensure maximum protection from cybersecurity threats.

3. Cybersecurity hygiene initiatives

Cybersecurity breaches can occur at all levels of an organisation, so HEIs must ensure students, staff, faculty and visitors are well-informed regarding cyber risks and have access to resources in the event of a breach. Phishing and similar attacks can be used to gain entry to a university system from any endpoint device, so it is important that all users are aware of best practice and can flag potential attacks before they transpire.

4. Remain aware of changing trends in cybersecurity

Cybersecurity threats are rapidly evolving to overcome mitigation measures. HEIs should remain aware of changes or emerging trends to ensure adequate protocols are in place.

We are here to help you

Our market-leading cyber incident response practice can help higher and further education institutions mitigate cyber risk and minimise disruption in an evolving threat landscape. We offer on-demand access to experienced professionals, including a 24/7 hotline; guidance to meet compliance requirements; roadmaps to maturity; and a wider approach to risk, including tackling broader business risks and legal, regulatory and reputational challenges.