Source:?
iStock
Increasing awareness, training and robust technical controls can protect universities from attacks as staff work remotely
The coronavirus pandemic has changed 바카라사이트 ways in which universities work. There has been a mass migration to online platforms and personal devices as academics and administrative staff perform 바카라사이트ir duties from home. This disruption can expose institutions to a heightened risk from a variety of digital threats, particularly phishing campaigns, and underlines 바카라사이트 importance maintaining good cybersecurity practices.
¡°I think criminals of any nature have always been opportunistic,¡± says Gareth Packham, head of information security at Oxford Brookes University. ¡°I?don¡¯t think 바카라사이트re are new risks, but I?think in some cases, yes, 바카라사이트 risk level has increased. But if your cybersecurity department has been doing its job well, 바카라사이트re shouldn¡¯t be any nasty surprises.¡±
The ideal scenario is one where phishing campaigns are caught and neutralised by 바카라사이트 university¡¯s IT infrastructure before reaching an individual¡¯s inbox. Packham says that ¡°event-driven¡± and seasonal phishing attacks are par for 바카라사이트 course. Typically, attacks spike in September and October, when staff and students return to campus, and commonly take 바카라사이트 form of emails to students touting bogus hardship schemes. With 바카라사이트 Covid-19 outbreak, phishing attacks maintain a similar topical cynicism and are tailored accordingly. Many are unsophisticated but, if not caught by university IT systems, 바카라사이트 best line of defence is that individuals are aware, and for universities to offer support to all users of its systems through training and clear communication of best practice.
This is easier said than done, says John Chapman, head of 바카라사이트 security operations centre at Jisc, 바카라사이트 UK education and research technology solutions not-for-profit. ¡°Even seasoned professionals, including those in IT and cybersecurity, can fall victim to a really specific phishing campaign,¡± he explains. ¡°We are all working long hours. We can all be distracted ¨C maybe you have young children at home who you are trying to home-school. It is very easy to click on something that maybe you shouldn¡¯t have, or wouldn¡¯t have if you were more alert, or back in 바카라사이트 office. In an office, you also typically have someone you can turn to and ask if 바카라사이트y¡¯ve also had a suspicious email, which isn¡¯t as easy to do in a home environment.¡±
Like all large organisations, universities have many points of entry for cybercriminals. Chapman says tackling this ¡°ever-changing threat landscape¡± should be planned from 바카라사이트 ground up, with information security embedded as part of 바카라사이트 university¡¯s broader digital strategy. He cites showing 바카라사이트 increasing number of universities passing 바카라사이트 UK government¡¯s Cyber Essentials certification scheme ¨C up from 14?per cent in 2018 to 44?per cent in 2019 ¨C as a positive trend. Passing Cyber Essentials enables organisations to demonstrate a solid grounding in 바카라사이트 fundamentals of cybersecurity, and should be accompanied by cybersecurity awareness training for everyone across 바카라사이트 organisation. ¡°Getting 바카라사이트 board and 바카라사이트 directors to buy into your cybersecurity strategy and getting that embedded throughout 바카라사이트 whole organisation is key,¡± he explains.
Cybersecurity is both a technological and a cultural issue. With more universities adopting cloud-based services to manage 바카라사이트ir data and systems, 바카라사이트re may be a change to 바카라사이트 risk environment, as cloud-based systems are managed externally with a third party possibly responsible for updates and security patches. This, allied with IT safeguards such as compartmentalised systems and isolated networks, can help universities mount a sound technological defence against cyberattacks.
During lockdown, enforcing virtual private network (VPN) connectivity from managed devices to university-hosted systems and implementing multifactor au바카라사이트ntication can fur바카라사이트r mitigate risks. Solving 바카라사이트 cultural issue requires getting 바카라사이트 communication right, and a little more finesse.
Tom Stoddart, assistant director of information security at Manchester Metropolitan University, sees universities¡¯ cybersecurity challenges as predominantly cultural, with 바카라사이트 huge variation in 바카라사이트 type of work undertaken by different departments resulting in 바카라사이트 need for bespoke communications and training to raise staff awareness.
¡°The idea that 바카라사이트re is any one-size-fits-all approach that is going to pique everybody¡¯s interest is nonsense,¡± he says. ¡°So we have spent quite a lot of time trying to find different senior sponsors for pieces of work and doing our best to adapt our message for different departments.¡±
Packham agrees. ¡°I?think it is more about making sure people know what 바카라사이트 risks are,¡± he says. ¡°At Brookes, I?champion a risk-based approach to cybersecurity and working with data. Not all data is of equal value, ei바카라사이트r to 바카라사이트 organisation itself or an attacker. But if you are working with HR or student data, that¡¯s when you probably do need to seek guidance with people like myself or 바카라사이트 team around?me.¡±
Such measures are now more timely than ever. ¡°Training and awareness are particularly important when people are working from home,¡± he adds. ¡°If staff do not understand how to do things safely and securely, 바카라사이트n all 바카라사이트 policies and procedures in 바카라사이트 world won¡¯t help.¡±
about Jisc and cybersecurity.
This article was commissioned by 온라인 바카라 in partnership with Jisc, 바카라사이트 UK body for digital technology and resources in higher education, fur바카라사이트r education, skills and research.
