Locking Down Information Management Security on Campus

By Tim Boltz | April 5, 2022

According to one report, ransomware attacks against higher education doubled in 2020 compared to 2019, with an average ransom demand of $447,000. Traditionally, criminals tended to be opportunists; they’d strike at random and hope to get lucky. Now they’ve organized into highly sophisticated networks and cartels that will target any entity of substance they consider a viable target. Higher ed fits the profile, but some institutions are better positioned to withstand cybersecurity attacks than others. A combination of zero-trust and defense-in-depth allows these schools to defend against malware and ransomware. Ultimately, the job of the cybersecurity professional in higher ed is to “plan for the worst day,” as one cybersecurity expert recently noted during a Campus Technology leadership summit. But how can agencies overcome these obstacles to adapt to an increasingly targeted and threatening cybersecurity landscape? Learn how your institution can safeguard against threats, overcome evolving technical demands, and more in 探花视频’s Innovation in Education report.

 

Gaining Total Visibility

“We can no longer piece together a set of disparate tools to solve acute security or compliance issues. Really, the only way forward is to use a mix of integrated security technologies that deliver, first, a view into traffic and, second, a flexible enforcement model that relies on artificial intelligence and machine learning to identify attacks. The solution starts and ends with visibility. The goal is to understand how data flows through the network, cloud and endpoints so that IT can provide a consistent security view no matter how services are being used. It’s important to understand how your users are tapping those services and to surface those things that traditional tools can’t see. As one example, we have a service called Xpanse, which will take an outside-in view of the network and start to build relationships, looking at how endpoints are interacting with other endpoints that are outside of the network, contributing to the building of a map showing how the institution is connected to the rest of the world.”

Read more insights from Palo Alto Networks’ Security Strategist, Hunter Ely.

 

A Unifying Viewpoint for Security

“Automation of the easy security work – known threats, known responses, malware detection, cleanup – addresses both problems, and everybody wins. The campus gains better operational success. And when humans don’t have to intervene with the ordinary, they’re free to do more interesting work. They grow in their positions, because they’re not just clicking buttons all day. Automation is especially important in an era of remote status quo and zero-trust. IT has to assume that there’s a high probability of any authentication request being nefarious. And that means being able to look at data in context: Is this person at a higher risk? Is the laptop or smartphone compromised? Should we let them on the network today? Have we scanned this device in the last three days? Then let’s not allow them access to this HR data. If they get their machine scanned, then they can come back and try again. While higher ed has long been predicated on allowing open access, now that can only happen when it’s the appropriate thing to do. Users have to be classified – student, researcher, staffer – and access has to be controlled. When everything looks normal, they get unfettered access. But when their machine or account is compromised, the access should be denied. Easier said than done, right?”

Read more insights from Splunk’s Minister of Magic, Jesse Trucks.

 

AI and the Carrot Approach to Zero-Trust Network Access

“Some 20 years ago, I was outfitted with a BlackBerry device, and it was the first time I could get e-mail from the road. But it wasn’t the built-in keyboard that made that device so special. It was really the fact that my organization’s IT department trusted the BlackBerry security model so deeply, I could use my device to access sensitive corporate information. BlackBerry’s mission hasn’t changed. But now, that security emphasis is used to secure some 500 million endpoints – including cars – produced by various companies. That’s why higher education has rediscovered BlackBerry. The university IT organization trusts the company to keep devices secure, whether they’re owned by the institution or individual people – students, staff or faculty. And now, without having to use a college-owned device that navigates through the college-owned firewall, users can once again be liberated, just like we were two decades ago, when we first got a taste of the freedom allowed by mobility.”

Read more insights from BlackBerry’s Director of Sales, Chris Russo.

 

Protecting the Campus from the Outside In

“Is it any wonder threats are on the rise? As the number of system and data breaches rack up in higher education, security experts have adopted a defense-in-depth stance. Putting multiple defensive measures in place begins with a baseline security posture that wants to understand everything coming into and going out of the network, preferably in real time. The tricky part is achieving that level of visibility and response when the threats could originate from any one of the many thousands of devices accessing institutional resources. One route is deploying domain name system (DNS) security. Let’s think about DNS for a moment. It may be decades-old but it’s still heavily relied upon; without it, the entire network is shut off from the internet. Regardless of their location, endpoints require DNS to connect to any application, service or data source. And so does malware, which uses DNS at multiple stages of an attack. That’s why DNS is a marvelous transport system for malfeasance. Traditional security mechanisms don’t police it well because there’s so much of it – millions of DNS queries a day for the typical university.”

Read more insights from Infoblox’s Director and General Manager for U.S. Education, Rufus Coleman.

 

Uncovering the Hidden Costs of Cloud Security

“While the public cloud has been a boon for higher education on many fronts, it has also become a conundrum, especially when it comes to storage for the purposes of security and safety. As the needs add up, so does the expense. The first not-so-hidden cost is the baseline cost of data storage. As an example, think about the capacity required to sustain video recordings of people entering and exiting buildings on campus. A network of 100 cameras, each capturing 8 frames per second with a modest resolution of 720 pixels, operating continuously at just medium quality, would require 200 terabytes of capacity. On Amazon Web Services, the cost for storing 200 TB on S3 would be about $56,000 for the year. If the institution were to upgrade to newer cameras capturing 15 frames per second at 1080 pixels, generating five times as much data – a full petabyte – the expense would quintuple, to about $289,000. Microsoft Azure would be slightly under that ($262,000) and Google Cloud a bit more ($327,000). Second, there is the additional hidden cost of the traditional route those cloud storage providers follow for transactions related to the data. They’ve all predicated the value of their services on fractional pricing (a tenth of a penny for this, a couple of pennies for that) for seemingly insignificant activities, such as egress or API requests.”

Read more insights from Wasabi’s Senior Director of Product Marketing, David Boland.

 

Staying on Top of Cybersecurity: A Conversation with Two University CISOs

“In March 2020, I was feeling more comfortable in terms of what our border looked like and the things that we were protecting our constituents from. Then the pandemic happened and people started grabbing devices off of their desks and old laptops out of storage closets and dragging them home to put on home networks – and who knows how they were being secured, if they were being secured at all. I thought I had a fairly good plan in place and tools deployed across my infrastructure to protect us, but that was all out the window. And so, over the last year we’ve been looking at services and products we can deploy that will protect our users as well at home as we could when they were on campus. And there’s nothing like having a community of your peers to have those conversations with and to learn what they’re doing, how long it took them to get there, what bumps they ran into along the way and ultimately, how they were able to steer around those. That’s significantly beneficial to all of us, and that is a huge value of participating with Internet2 overall and through the NET+ program for specific cloud and security solutions.”

Read more insights from Tom Dugas, CISO for Duquesne University, and Rick Haugerud, CISO for the University of Nebraska-Lincoln.

 

Community-Powered Problem-Solving

“We facilitate the community engaging with each other to identify best practices. For example, let’s say there’s a particular challenge that a campus is trying to figure out. They may go into a community call, where campuses can ask their peers: How do you solve this problem? And then they can get immediate feedback. Or there are many ways institutions collaborate digitally, including e-mail lists, Slack channels and wikis, where they can engage with peers to identify best practices. That is all part of the NET+ program, where advisory boards and community events help to foster more optimal service offerings and benchmarking. And a program manager like myself is engaged with and supports these types of discussions. After a number of campuses have verbalized similar challenges, we’ll realize maybe there’s something there that we need to write up, to share broadly with the community, where they can look at a frequently asked questions repository and find the answers to their questions. And that’s even faster than going and asking their peers.”

Read more insights from Internet2’s Program Manager for Security and Identity, Nick Lewis.

 

Download the full Innovation in Education report for more insights from these cybersecurity thought leaders and additional industry research from CampusTech.