"What Universities Need To Know About Cyber Risk"
Higher education providers have become an increasingly attractive target for state-sponsored actors in cyberattacks. The number of publicly acknowledged cybersecurity incidents impacting Australian universities have risen this year. Earlier this year, the Australian Security Intelligence Organization (ASIO) confirmed that Australian universities and researchers were under threat from foreign states. There are several reasons why universities' systems may be vulnerable to cyberattacks. Universities are designed to be open and collaborative, and they typically use many public-facing systems, some of which may be outdated. Many universities are spread across many campuses and research locations. They have many different users accessing systems and services, including students, academics, researchers, and staff members. These various touch points provide a broader attack surface to hackers that is difficult to combat. The fact that universities store a significant amount of intellectual property assets and personal information stemming from research activities and users, also makes them more vulnerable to cyberattacks. In response to the rising threat of cyberattacks against universities, the Australian government introduced legislative reforms requiring improvements to existing university compliance frameworks. There are several steps that universities can take now to strengthen existing controls and mitigate the risk of a cyberattack, such as leveraging sector-specific networks to collaborate on security-related initiatives, performing effective staff training on cybersecurity, assessing cybersecurity maturity and compliance against the National Institute of Standards and Technology (NIST) cybersecurity framework, and more. This article continues to discuss the increased targeting of universities in cyberattacks, government efforts to tackle the rising threat of such attacks against universities, and how universities could mitigate cyber risk now.
Lexology reports "What Universities Need To Know About Cyber Risk"