TLDR:
- 77% of organizations in the education sector experienced cyberattacks in the last 12 months.
- Common attack vectors included phishing, user account compromise, and ransomware.
The education sector is facing unplanned cyber expenses according to a report by Netwrix. The report, based on a survey of 1,309 IT and security professionals globally, reveals that 77% of organizations in the education sector experienced cyberattacks within the last 12 months, showing an increase from 69% in 2023. The most common attack vectors identified were phishing, user account compromise, and ransomware attacks.
Almost half (47%) of organizations in the education sector reported unplanned expenses to address security gaps due to security incidents. Additionally, one in seven organizations faced compliance fines, while every tenth reported changes in senior leadership and lawsuits as a result of cyber incidents.
Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix, emphasized that addressing the root cause of a security incident often requires additional investments, either in terms of money or effort from the IT security team. Ilia Sotnikov, Security Strategist at Netwrix, highlighted the importance of prioritizing remediation steps to reduce risks following a breach, which may include patching critical servers and implementing manual review steps on certain operations.
In conclusion, the report underscores the need for organizations in the education sector to prioritize cybersecurity measures and invest in securing their infrastructure to mitigate the risks associated with cyberattacks.