In recent years there has been news of ransom attacks causing financial damage where an institution allegedly handed over $20 000 to cybercriminals, and malware attacks caused a shutdown for a day while IT professionals rebuilt the system.
Even more significant than financial losses, cyberattacks pose a threat to a university's reputation and the safety of its students. Understanding widespread vulnerabilities, and common types of cyberattacks, and preventing breaches can help university leaders prioritise security strategies to safeguard student and institutional data and resources.
There is no one-size-fits-all security solution to preventing all attacks, but university management can minimise these by prioritising the following cybersecurity strategies:
Cyber Security framework and strategy that provides a framework for an assured cyber security environment, utilising a risk-based approach should be formally developed.
Furthermore, security standards should be documented specifying expected security configurations and parameters in systems. These serve as security templates and ensure secure, consistent and standardised configurations across systems.
This will assist the university management in establishing current, and future processing needs to optimise the IT infrastructure that makes up the framework of the business.
There should be an exercise to evaluate all unsupported software (i.e. Windows operating systems, end-user applications, databases, etc.) within the IT environment. The outcome of this exercise should be a software upgrade roadmap that will assist the university IT management with rolling out the necessary upgrades.
Several external and internal network hosts suffer from patch management issues, where Microsoft and non-Microsoft patches had not been timeously applied. There should be a process of ensuring that required vendor patches are installed when necessary.
Implementation of a Security Incident and Event Management ("SIEM") solution which includes activity monitoring to facilitate the detection of patterns that may indicate successful compromise or misuse.
This should be configured to perform log aggregation, correlation, alerting, dashboard and reporting for all IT assets, including servers, databases, applications, firewalls, routers, switches etc.
Universities should require end users to go through training that covers phishing and how to recognise it. We provide this service, and institutions of higher learning must be willing to invest the time and necessary resources to educate their faculties and staff appropriately.
Data Privacy laws and regulations exist to ensure the protection of personal information. Universities process much personal information for students and employees and must comply with such laws (e.g. POPIA, GDPR). Universities appoint an Information Officer, perform privacy impact assessments and implement a privacy compliance framework.
The justification of a full-time CISO for many businesses can be a costly decision, and the need will be dependent on the size and level of infrastructure. However, a Virtual CISO allows an organisation to leverage the experience and expertise when needed.
Our virtual CISO can be assigned to provide advice to support the tactical and strategic direction of the Institution's information security posture, keeping with your Institution's culture and context. Our Virtual CISO will reduce the practical long term cost and provide consistent security oversight of a security programme or management communication.
