Most educational institutions store sensitive data in the cloud. Is it safe?

A Netwrix survey revealed that 47% of educational institutions suffered a cyberattack on their cloud infrastructure within the last 12 months. For 27% of them, incidents in the cloud were associated with unplanned expenses to fix security gaps.

“Educational institutions are keen to broaden their cloud adoption: The sector expects to have 56% of the workload to be in the cloud by the end of 2023, compared to this year’s 44%,” comments Dirk Schrader, VP of Security Research at Netwrix.

“But without proper visibility into who has access to sensitive data and when and how that data is being used, IT teams will not be able to proactively mitigate data overexposure and spot suspicious behavior in the cloud.”

What makes educational institutions susceptible to a cyberattack?

83% of educational organizations confirmed they store sensitive data in the cloud. With educators and students constantly sharing that information, they are more concerned about insider threats than other industries. 48% of respondents in this sector consider cybersecurity risks associated with their own employees to be the biggest ones.

“The educational sector has a good reason to be concerned about insider threats since 42% of them experienced account compromise attacks in 2022 compared to the average of 31% from the other industries surveyed. Accordingly, their IT teams should pay closer attention to identity and access management by implementing a zero standing privilege approach and enforcing strong password policies,” adds Schrader.