A recent survey conducted by cybersecurity vendor Netwrix found that 69 percent of organizations in the education sector suffered a cyberattack within the past 12 months. 

Phishing and user account compromise were the most common attack paths for these organizations, while phishing and malware (such as ransomware) topped the list for other verticals. Moreover, 3 out of 4 attacks (75 percent) in the education sector were associated with a compromised on-premises user or admin account, compared 48 percent for other sectors. 

The education sector data is part of Netwrix Research Lab’s global survey of 1,610 IT and security professionals for its 2023 Hybrid Security Trends Report. 

The survey also found that the primary IT priorities of educational institutions are the same as for organizations overall: data security, network security and cybersecurity awareness among employees. However, there were some differences in what measures the respondents said they would take to enhance the security posture of their organization if they had a chance to decide on their own. 

Improved privileged access management topped the list for all verticals, but demand for password management was higher in the education sector: 43 percent of those respondents said they would like to manage passwords better, compared to 36 percent of respondents from other industries. Meanwhile, identity governance turns out to be in lower demand in the education sector: Only 32 percent of those respondents would choose to improve this area, compared to 41 percent among organizations overall. 

“Organizations in the education sector handle variety of accounts — staff, third-party contractors, educators, students, alumni — that have a high turnover rate. Even if identity management is automated, it is a challenge to keep users trained on security best practices because there is a continual supply of newcomers,” said Dmitry Sotnikov, vice president of product management at Netwrix. “In addition, students may lack experience in spotting phishing emails or fake websites asking for their credentials. To address these challenges, it is essential to mandate security training within the first few weeks and repeat it on a regular basis.” 

To facilitate research and collaboration, educational institutions often provide a variety of shared devices and systems exposed to the internet, which creates a massive attack surface, explained Dirk Schrader, vice president of security research at Netwrix. 

“To mitigate risk, it is crucial to enforce strong password policies that prevent the use of weak and compromised passwords, implement multifactor authentication (MFA), and adhere to the least privilege principle. In addition, automated detection and response solutions can help IT deal with account compromise and abuse in a controlled and efficient manner." 

To download additional findings for the education sector, go here.