Universities & the Higher Education Sector

Managing risk in the education sector

Universities and Higher Education Sector are innovating every single element of their field, especially after COVID. Starting from remote delivery of classes to transforming the ways in which knowledge is shared with new cutting-edge technologies and AI, the sector has grown exponentially when it comes to digitization. Over the years, the sector has generated massive volumes of valuable data including PII, Research and Development Information, Patents and so much more making it a top target for attackers in 2023. Therefore, cybercriminals around the globe undertake sophisticated attacks for both financial gain and geopolitical objectives from state sponsored espionage within this sector. The education sector has seen a 15% YoY rise in weekly cyber attacks in 2023 according to World Economic Forum (WEF) , and the sector is likely to see an upward trend for 2024.


As universities and higher education institutions continue to bolster their cybersecurity defense, it is important to understand the development of risk within the sector in the future, from the impact of the AI Revolution to rapid Data boom with ChatGPT and similar GenAI technologies. Although the sector relies heavily on decentralised IT and open access of information, COVID and other geopolitical events have forced the sector to rapidly move to the cloud and form a hybrid infrastructure service and utilising software-as-a-service products. However, the biggest challenge include protecting the huge volumes of Data being generated and comply with the constantly evolving regulations, while managing the emerging threats and the nefarious cyberattacks.


Top cybersecurity risks for 2024

Data Security

Universities are at high risk of a data breach due to their complex environment combined with their extensive valuable data. The challenge security teams face from data sprawl makes it difficult to understand the true health of their data; where it is, who has access, what controls are in place, what classification it requires, who owns and manages the data. Data sprawl increases the risk of any of this data being exfiltrated and sold online.

Next-Gen Phishing Attacks

Generative AI will increase the success rate of social engineering attacks and in particular phishing attacks. University students have always been a high target for phishing attacks and cybercriminals have increased in using deepfake social engineering attempts to validate phishing attempts and create engaging, personalised and more sophisticated attacks to lure users into providing information or access to internal systems.

Internet of Things (IoT) Security

The widespread integration of poorly secured IoT devices within universities, such as student ID cards, automated attendance tracking systems and temperature & environmental sensors are increasingly being connected to the internet. This increases the attack surface for universities exponentially. Recent ZScaler research shows a 400% growth in IoT malware attacks in 2023, which will only increase estimated to grow worldwide to over 29 billion by 2030.

Cyber Warfare and State-Sponsored Espionage

The recent Israel-Hamas war and ongoing war in Ukraine has shown the willingness of nation state actors to engage in global cyber-attacks which is unlikely to slow down. Universities will remain a top target for geopolitical reasons and access to high value cutting-edge research and development. Universities also look like a government from the perspective of systems, different functional areas and different types of data. They are therefore an attractive target if someone is practicing for a state-attack, a university is a good training ground for that.

Sophisticated and Unsophisticated Ransomware

From unsophisticated attackers buying cheap ransomware kits online and from sophisticated attackers attempting double extortion, ransomware will continue to grow in 2024 for universities and higher education; Firstly, through disrupting core services such as admissions, enrolment, teaching and access to business-critical applications in the hope that they will get a payoff for getting services back online and Secondly through data extortion and selling the valuable data on the dark web to those who engage in identity theft.

Gen AI and Cloud Adoption for Digital Transformation

With cloud-based learning platforms and the use of gen AI for education sector, such as Notebook LM, the attack surface is increasing significantly in the digital transformation journey for universities and higher education. As the sector is reimagining how to bring people, data, and processes together, they need to ensure that their underlying technologies and softwares are not outdated, vulnerabilities are patched and managed and systems are constantly monitored and upgraded to avoid an easy entry for cyber criminals within the systems.

Discover how leading universities elevate their security and stay ahead of cyber criminals

A Webinar on enhancing data security in higher education institutes with Gerard Culley, Director of IT, UCC and Justin Doyle, Deputy Director of ISS, DCU

Watch our enlightening webinar focused on Securing Data in Higher Education Institutions where our panel of experts, representing diverse Higher Education Institutions, share practical insights and real-world case studies that highlight effective approaches to data security.

Request a Gap Analysis

Level 1 High Education Cybersecurity Gap Analysis

Copyright Smarttech247 - 2021