Why higher education is one of the worst industries at handling cyberattacks

Some 73% of institutions took three or more days to apply patches for cyberthreats, according to a recent EfficientIP report.

Watch out for these top 5 cyber-attack vectors

Higher education ranks as one of the worst business sectors to handle cyber threat crises. Nearly three-quarters of participants (73%) took three or more days to create and apply a patch after notification of an attack , said EfficientIP's 2018 Global DNS Threat Report on Monday.

Additionally, the cost for DNS-based threats rose by 68% to $690,000 in the education sector in 2017. These results reveal that no sector is safe, especially not higher education, said a press release. And with school getting back in session, IP-enabled devices will be flooding institutions, leaving more vectors of attack open, added the release.

SEE: IT leader's guide to cyberattack recovery (Tech Pro Research)

Unsecured Internet of Things (IoT) devices can pose a threat to the IT networks that support them, leading to hacking and DDoS attacks, added a release. Universities often resort to simply shutting down services--in order to protect the network--but that is a weak response that results in wasted time, the release said.

"Campuses are hosting everything from laptops to smartphones, which make it a challenge for the university's IT department to assume those devices are secure. In the case of a network attack, multiple devices will make it difficult to respond instantly and with the right countermeasures," said Dennis Borin, senior solutions architect at Efficient IP, in the release. "Being able to quickly recognize and investigate the threat, plus tying all the access controls to a centralized authority management system is critical to a campus network," he added.

Some ways to combat these attacks are through enhanced threat intelligence and domain reputation, which produces insights to global traffic analytics, the release noted Augmenting your threat visibility using real-time DNS transaction analytics is another solution the report suggests, along with adaptive countermeasures, and incorporating a network security solution to recognize unusual activity.

The big takeaways for tech leaders:

  • The higher education sector ranks highest among the worst business sectors for handling cyberthreats, with 73% of organizations taking three or more days to apply a patch.--EfficientIP, 2018
  • The rise in IoT devices, especially among college-age students, leaves universities open to more vectors of attacks. --EfficientIP, 2018

Also see

Image: iStockphoto/RenysView