Netwrix, a cybersecurity vendor, announced additional findings for the education sector from its global 2022 Cloud Data Security Report

The survey discovered that 47% of educational institutions suffered a cyberattack on their cloud infrastructure within the past 12 months. For 27% of them, incidents in the cloud were associated with unplanned expenses to fix security gaps. 

“Educational institutions are keen to broaden their cloud adoption: The sector expects to have 56% of the workload to be in the cloud by the end of 2023, compared to this year’s 44%,” said Dirk Schrader, vice president of security research at Irvine, Calif.-based Netwrix. “But without proper visibility into who has access to sensitive data and when and how that data is being used, IT teams will not be able to proactively mitigate data overexposure and spot suspicious behavior in the cloud.” 

Eighty-three percent of educational organizations confirmed they store sensitive data in the cloud. With educators and students constantly sharing that information, they are more concerned about insider threats than other industries. Almost 1 in 2 (48 percent) of respondents in this sector consider cybersecurity risks associated with their own employees to be the biggest ones. 

“The educational sector has a good reason to be concerned about insider threats since 42% of them experienced account compromise attacks in 2022 compared to the average of 31% from the other industries surveyed,” Schrader said. “Accordingly, their IT teams should pay closer attention to identity and access management by implementing a zero standing privilege approach and enforcing strong password policies.”