School is out for summer. This is a good time for schools to focus on cybersecurity projects for the coming year. Threat hunting, vulnerability management and the core value of continuous visibility are essential goals that school systems should commit to over the long, hot summer.
Finding time to improve is never easy. Information security professionals within the education sector in particular seldom have the time to reexamine their practices or to implement new procedures during the school year. Compounding these constraints is the complexity of IT systems in colleges and universities.
Educational campuses are unique in the breadth of their IT missions. Not only must they serve large, mobile student populations, they also support the scientific and research needs of an academic staff while maintaining sensitive personal, academic, financial and medical records.
Cyber self-improvement is vital for schools, now more than ever. In April, the personal information of a Washington State school district was inadvertently released by the district after an outside party “spoofed” the superintendent’s email address. The email sought employee names, addresses, salary information and Social Security numbers.
Recently, certain Colorado schools experienced a security breach related to a proprietary platform called Infinite Campus. The Infinite Campus software stores personal and academic information, and may have released the personal information of over 2,000 students. Although several districts use the Infinite Campus platform, the compromised district had expanded the collected data beyond grades, attendance and schedules to include highly confidential personal information. This may have been why it was targeted.
Most recently in Maine, a data breach widened as more employees complained of ID theft. In late March, district payroll employees received a phishing email which successfully tricked users into responding. The email asked for employee W-2 information. When several employees attempted to file tax returns this year, they discovered false ones had already been filed using their information.
Last summer, universities seemed to be more in the crosshairs as a flurry of cybersecurity incidents illustrated the growing threat facing higher education institutions.
- The entire engineering school of a prominent Pennsylvania university had to be taken offline for an extensive investigation and clean-up of its network and systems.
- Virginia universities were the target of a cyberattack against two officials whose work was connected with China.
- Even one of our country’s oldest universities suffered a hack that compromised user credentials in eight schools.
Now is the time for information security professionals to start cyber summer activities and to plan back-to-school projects that tackle cybersecurity challenges during the coming school year. Specifically, this is the best time to beef up security measures, to perform asset discovery to create a baseline inventory of assets and prioritize those assets, and to implement best security practices.
Best practices include using next-generation firewalls and security for web and email services, as well as system monitoring and advanced threat detection.
Summer threat hunting and back to school vulnerability management
Threat hunting and vulnerability management are core capabilities for achieving continuous monitoring in your network and detecting threats before they are exploited. This can help you detect and mitigate outsider threats and attacks, as well as insider threats—both malicious and user error—that can compromise your systems and data.
Colleges and universities can use the relative quiet of summer break to establish a foundation of effective threat hunting and vulnerability management by implementing solutions such as Tenable SecurityCenter Continuous View™ (SecurityCenter CV™), which provides a platform to continuously monitor networks for critical vulnerabilities and threats.
SecurityCenter CV gives organizations the ability to monitor their networks 24x7 for new vulnerabilities, devices and incidents. The solution can alert administrators to threats and incidents, and produce reports for IT, security and administrative personnel.
Several large higher education institutions use Tenable SecurityCenter CV to protect their networks. For example, the Auckland University of Technology, the second largest university in New Zealand, selected Tenable SecurityCenter CV for greater visibility, multiple scanning mechanisms, and enhanced reporting.
By employing sound cybersecurity practices such as threat hunting and vulnerability management through proven technologies such as Tenable SecurityCenter CV, schools, colleges and universities can take large strides toward improving their cybersecurity posture for the upcoming school year and beyond. The relative lull in educational activities over the summer provides an opportunity that should not be wasted.