Across industries, ransomware and cyberattacks have proliferated in the past year, largely due to the rapid shift to remote work and school. The education sector has been hit particularly hard–the 2020 calendar year saw a record-setting 408 publicly disclosed cybersecurity incidents in the K-12 sector, according to The State of K-12 Cybersecurity: 2020 Year in Review.
The report, put out by the K-12 Cybersecurity Resource Center, found that the attacks affected 377 school districts in 40 states and cost millions of dollars to resolve.
The unfortunate reality is that the problem isn’t going to go away–the threat landscape will continue to expand. And compounding this is the fact that education IT departments are too often underfunded. This is where automation can play a key role.
The current threat landscape
We’ve all seen the headlines–everything from a high school student in Miami who forced the cancellation of classes to school districts around the country that have been hit by ransomware. And this has all come as schools have grappled with remote and hybrid learning during a global pandemic.
In March 2021, the FBI issued a warning about an increase in PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom. And that’s just the tip of the iceberg. The K-12 Cyber Resource Center found that the attacks against schools in 2020 marked an 18 percent increase from the prior year, and given what we’ve seen in the past year, it’s seeming likely that 2021 will top that.
Prevention demand exceeds human capacity
Organizations today know that the cost associated with the fallout of a successful attack is far greater than the cost and effort associated with attack prevention. Therefore, in education cybersecurity and beyond, investing in comprehensive cybersecurity strategies not only protects sensitive data and infrastructure but can also help reduce costs down the line.
However, at the same time, school districts face substantial budget constraints, making it difficult to address the massive and growing problem of cybersecurity risk. And speaking of that growing problem, the fact is that the threat landscape has proliferated and continues to proliferate so greatly that humans alone cannot tackle it all.
It used to be the case that cyberattacks were only as fast as the humans who executed each step required in an attack. These manual processes once provided a viable chance of catching an exploit before it caused major damage. Now, however, cybercriminals are likewise capitalizing on digital innovation, automating, and applying artificial intelligence (AI) to many of their tactics. This has enabled them to quickly create more sophisticated, multi-vector attacks that can be carried out at machine speeds. For example, cybercriminals are now using AI and automation to actively locate and exploit multiple vulnerabilities simultaneously while evading detection. And automation enables these to be far more prolific and cause even more damage.
So then, education IT and security teams need to respond in kind–by using AI and automation as part of their cybersecurity efforts.
Automation and AI for education security
Cybersecurity professionals can achieve clear visibility into every device accessing a network at any given time by using AI-driven solutions, such as AI-assisted network access control. AI and automated tools simplify network management across these environments and alert security teams to imminent threats and process an automatic threat response. AI, especially, can continuously sift through mountains of data collected from devices across the network to identify threats.
It can also automatically investigate the influx of alerts that have traditionally required manual input from security teams, enabling them to make better informed decisions, create a more proactive and efficient security program, and be more cost-effective. This frees up security teams to spend more time honing strategy, researching advanced threats, and cultivating a cyber-aware culture.
To execute a threat management strategy in a proactive way, speed is crucial. Cybercriminals take advantage of every second they can, and automated attacks increase their speed tenfold. That, paired with their ever-evolving tactics and an ever-expanding digital attack surface, can lead to overwhelmed and outnumbered security teams. By leveraging solutions that incorporate AI and automation, CISOs can proactively tackle today’s automated cyberattacks and stay a step ahead of cybercriminals.
Fighting education cybercrime
Cybercriminals will target any vulnerability they find, with no regard for the populations their attacks will affect. The education sector’s vulnerability has increased significantly over the past year, leading to a predictable increase in assaults. Many districts are still recovering from these attacks, even as they prepare for the return of a more “normal” school year this fall.
Automation and AI/ML can play a huge role for education organizations, providing a way to augment their typically small IT teams. These technologies enable security tools to match the speed of attacks and teams to get out ahead of attackers to proactively keep their schools safe.