『Securing Education: How Resource-Strapped Colleges Can Fight Back Against Cyber-Attacks』のカバーアート

Securing Education: How Resource-Strapped Colleges Can Fight Back Against Cyber-Attacks

Securing Education: How Resource-Strapped Colleges Can Fight Back Against Cyber-Attacks

無料で聴く

ポッドキャストの詳細を見る

このコンテンツについて

 In this article, Andy Le Grice outlines the challenges that UK colleges currently face in securing their institutions against cyber-attack, and the potential steps they can take to effectively improve their security posture within the tight constraints of the Further Education sector.It’s no wonder that cyber security is front of mind for much of the Education sector. According to the government’s recently-published Cyber Security Breaches Survey 2023, more than four in five UK colleges have identified breaches or attacks within the last 12 months, with roughly a third reporting such incidents occurring on a weekly basis.This is clearly an unsustainable situation, and one that’s partially due to the low security posture that colleges have traditionally held. However, as resources and personnel continue to be stretched at many institutions, it’s not a problem with an immediately obvious solution.Strengthening Cybersecurity in Further EducationAs a technology consultancy specialising in the public sector, we at ITGL are very aware of the tight budget constraints that colleges face, and how the continuing global deficit in cyber professionals has resulted in a skills gap across the industry.To help bolster the security posture of the Further Education sector, we‘re holding a free digital event on 18th May 2023, highlighting the most common and urgent vulnerabilities present in institutions’ defences, as well as demonstrating best practices and proactive steps that colleges can take to better secure their networks and infrastructure, ensuring that their limited resources are managed to receive the best possible return on investment.Colleges are, by design, very open institutions. On any given day, they will be providing network access to hundreds – or thousands – of students, faculty, guests, and staff. This ease of access is vital for the day-to-day operation of the college, but left unmanaged it can also leave them open to the possibility of attacks that originate from inside their networks.Network access controls can be implemented across an institution’s networks to directly combat this; users and devices can be authenticated and authorised before they are granted access to the network at any level, ensuring that only trusted users can access more sensitive resources. At the same time, users without the same level of authorisation – such as students and guests – can be filtered onto a more public-facing network designed for such devices.Posture checks can continuously be made on devices, ensuring that compromised devices are kept off sensitive networks, while improving the security posture of those devices that are connected, by requiring that firewalls are enabled, operating systems and browsers are updated, and endpoint security is active.The Threat of Phishing in Further EducationWhile colleges often aren’t seen as high-value targets for complex or sophisticated cyber-attacks, the frequency with which they experience an attempted breach or attack shows that a sufficiently low-security posture can be reason enough for outside threats to act. Phishing is so prevalent in modern life that its presence in Further Education is no surprise – in the previously referenced Cyber Security Breaches Survey, 91% of colleges that had identified breaches or attacks reported that phishing was among the methods used.The positive side of this news is that, because the vast majority of phishing occurs via email, some basic steps can make a substantial difference in this regard. By utilising best practices when setting up an institution’s email services (such as implementing the DMARC email standard, and the application of threat intelligence and content analysis), the volume of malware and phishing emails that make it to a user’s inbox can be cut drastically. When combined with consistent, clear end-user training and good cyber awareness, the effectiveness of phishing as an attack vector is diminished further.Of course, we recognise that all o...
まだレビューはありません