Skip to main content
1-888-681-6744
Contact us

Five cybersecurity facts every higher education IT leader should know

Justin Niebel

10/24/2022

managed network security service | managed services | education technology

Dire cybersecurity warnings for higher education institutions seem to come from everywhere these days. National news, higher education journals, social media and local news seem to share information about some new cyber-attack on a weekly, or even daily basis. In fact, according to a 2022 Sophos survey of more than 400 higher education IT professionals, 64 percent of colleges reported experiencing a ransomware attack in the last year. This is a large uptick from the 44 percent of education respondents in 2021 reporting ransomware attacks.

Cyberattacks might be inevitable, but there are steps that campus leaders can take to reduce the odds of it finding success. Here are five cybersecurity facts that every campus leader should know — along with recommendations to help institutions keep their networks and data secure.

  1. Most ransomware attacks against colleges are successful. Higher education is the least likely sector to prevent a ransomware attack, the Sophos survey found. Nearly three-quarters of ransomware attacks reported against colleges and universities resulted in data being encrypted by the attackers. In comparison, the global average encryption rate suffered in attacks across all sectors is 65 percent.1 These findings suggest that colleges and universities may be less prepared to defend against a ransomware attack than other types of organizations, perhaps because they lack the layered defenses needed to secure their networks.
  2. Ransomware attack remediation is expensive. The average cost to remediate a ransomware attack in higher education is $1.42 million.2 This includes the cost of paying the ransom, and the expense of restoring software and data systems to their original state. Higher education has the slowest recovery rate of any sector. It takes 40 percent of colleges and universities at least a month to recover from a ransomware attack, compared to the global average of 20 percent across all sectors. Nine percent of schools take at least three months to recover.3
  3. Not all ransomware victims recover all their data. Even if schools pay the ransom their attackers are demanding, there’s no guarantee they’ll get all their data back. While paying the ransom almost always results in the return of some data, the percentage of data restored after paying has declined. On average, higher-education institutions got back 61 percent of their encrypted data after paying a ransom in 2021. This is identical to the global average of 61 percent across all sectors. However, only 4 percent of organizations — and just 2 percent of colleges and universities — got all their data back.4 Paying the ransom will only restore some of the data encrypted in an attack. Higher Ed institutions can’t count on ransom payments to bail them out; they must take proactive steps to enhance their cyber defenses.
  4. Education has a low rate of cyber insurance coverage. Cyber insurance is a critical tool in helping institutions prepare for and recover from a ransomware attack. However, nearly one-fourth (22 percent) of colleges and universities do not have a cyber insurance policy. Nearly half of colleges and universities (49 percent) say the level of cybersecurity they need to qualify for insurance is even greater now than last year. Forty-four percent report there are fewer providers offering cyber insurance, 40 percent say the process is more complex and 31 percent say policies are more expensive. In fact, policy renewals are typically increasing prices by between 40 and 60 percent.
  5. A zero-trust approach can help protect campus networks. In this approach, all network users — on or off campus — must be authenticated, authorized and continuously validated before they are given access to data and applications. By 2025, 60 percent of organizations worldwide will embrace zero trust as a starting point for their cybersecurity strategy, Gartner predicts.

What higher education tech leaders can do to protect their data

The time to act is now, but don’t worry — the outlook is just not as grim as it all seems. There are solutions available today that can help higher education IT decision maker prevent successful cybersecurity attacks. 

  • Consider managed network services. When universities install their own network infrastructure, they’re assuming responsibility for continuously implementing patches and upgrades to keep these systems secure. With a managed network, institutions can extend the capabilities of their overburdened IT staff and keep up with rapidly evolving network needs — while also enhancing their security. With a managed network, security patches and firmware changes are installed automatically, keeping networks continually secure and updated.
  • Invest in multiple cybersecurity defenses. A multilayered approach to network security offers the best protection from cyber threats. Institutions should employ multiple security systems and technologies, such as a firewall service to protect the internet gateway, antivirus and anti-malware software to shield network endpoints, and DDoS protection to guard against a distributed denial of service attacks. These multiple defenses all work together to enhance security by protecting against numerous types of threats.
  • Consider teaming with an experienced partner for help. With campus IT staff stretched thin, a reliable service provider with extensive experience in serving the higher-education market can help. Spectrum Enterprise has partnered with hundreds of colleges and universities to improve their cybersecurity with services that don’t require the use of IT staff time to administer.

The time to act is now

With ransomware attacks and other cyber threats on the rise, the time is now to take comprehensive action to secure networks and data. Colleges and universities can balance the need for sophisticated protection and simplicity of operation by choosing to opt for a managed network. With the right partner, institutions will be supported from design through implementation and beyond. 

Learn how Spectrum Enterprise is uniquely qualified to protect higher-education networks: enterprise.spectrum.com/education.

  1. Whitford, Emma. “Cyberattacks Pose ‘Existential Risk’ to Colleges — and Sealed One Small College’s Fate.”  Forbes, April 19, 2022. https://www.forbes.com/sites/emmawhitford/2022/04/19/cyberattacks-pose-existential-risk-to-colleges-and-sealed-one-small-colleges-fate/?sh=685efbdc53c2
  2. Ibid.
  3. Ibid.



 

 

 

 

RELATED RESOURCES

Blog post

How sensors detect value enhancements for any business

Blog post

The hospitality industry is gearing up for the cloud. Are you ready?

Blog post

SASE supports the dynamic, secure access needs of today's hybrid organizations

Blog post

How managed services improve hotel operations and guest satisfaction

Keep up on the latest
Sign up now to get additional stories on connectivity, security and more.

By submitting your information, you agree to the collection, use, and disclosure of your information in accordance with the Spectrum privacy policy. For California consumers, visit the Spectrum California consumer privacy rights page.

Justin Niebel

Justin Niebel brings over 12 years of experience as a communication industry account executive to his role as Upstate New York Sales Manager of SLED (State, Local and Education) at Spectrum Enterprise. In this role he recruits, trains, motivates, and develops his sales team into a productive, cohesive unit that can handle special projects and establish long-term partnerships. He graduated with both a BA and a BS degree from Roberts Wesleyan College, and earned an MBA from the University of Rochester.