Safeguarding Higher Education from Cyberattacks
April 21, 2017 --
Denver, Colo., April 21, 2017 (GLOBE NEWSWIRE) -- The increase in the risk from cyberattacks has received significant attention from the research and education (R&E) community and has spurred many campuses to adopt new security controls and implement additional tools to protect their institutions. These risks include ransomware attacks, which are typically attacks on a system or computer with the intent to disrupt or block access to data until a ransom is paid, as well as distributed denial-of-service (DDoS) attacks that are intended to interfere with the availability of a campus’ network or applications.
In 2015, the Department of Homeland Security issued an Intelligence Assessment on Research and Education. In general, the report noted, cybercriminals do not target university systems and users more than any other victims. This finding holds true today.
“There are always new threats to cybersecurity, and the threats often evolve faster than the safeguards,” said Kim Milford, executive director of the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC), which started in 2002 and coordinates information sharing about computer-security threats and countermeasures among higher education institutions. “Through active sharing among the research & education community about the most current threats, we can collectively defend against them by updating our processes and finding safeguards that most effectively protect against those threats.”
The cybersecurity landscape is constantly evolving because threats on the internet continue to not just grow, but also morph. In the past, risk mitigation was heavily focused on network controls and patching applications. As IT organizations deployed safeguards, malicious actors moved on to more lucrative attacks, such as phishing and ransomware, which target the user more than the application or hardware.
Higher education could be susceptible to cyberattacks for many different reasons, but are likely targets due to their computing resources, intellectual property, and vast amount of personal information belonging to their students, faculty, and staff. In 2016, REN-ISAC sent out 67,000 notifications to R&E institutions about potential machines compromised by vulnerability exploits.
“It can be difficult to talk about the risks of cyberattacks without invoking fear, uncertainty, and doubt among IT professionals in research and education,” added Milford. “They may feel ineffective at risk mitigation and outsource critical security tasks. In the other extreme, they may feel the need to spend down their whole budgets to counteract the threats. The truth is, there is a happy medium. An objective analysis of the threats and threat actors can assist today’s IT professional in managing those risks.”
Milford will present an annual assessment of the current risks along with practical and operational advice to the research and education community in a Global Summit session on Tuesday, April 25 from 4:30 – 5:30 p.m. EST at the Renaissance Downtown Washington, D.C. Hotel. For more information on the Global Summit, taking place April 23-26, visit https://meetings.internet2.edu/2017-global-summit/
EDITOR’S NOTE: Interviews are available to members of the media upon request. Reporters interested in obtaining a press badge for the 2017 Global Summit should contact Sara Aly, [email protected] or 720-379-9674.
Internet2® is a non-profit, member-driven advanced technology community founded by the nation’s leading higher education institutions in 1996. Internet2 serves 317 U.S. universities, 70 government agencies, 43 regional and state education networks and through them supports more than 94,000 community anchor institutions, over 900 InCommon participants, and 78 leading corporations working with our community, and 61 national research and education network partners that represent more than 100 countries.
Internet2 delivers a diverse portfolio of technology solutions that leverages, integrates, and amplifies the strengths of its members and helps support their educational, research and community service missions. Internet2’s core infrastructure components include the nation’s largest and fastest research and education network that was built to deliver advanced, customized services that are accessed and secured by the community-developed trust and identity framework.
Internet2 offices are located in Ann Arbor, Mich.; Denver, Colo.; Emeryville, Calif.; Washington, D.C.; and West Hartford, Conn. For more information, visit www.internet2.edu or follow @Internet2 on Twitter.
Established in 2004 as part of the National Council of Information Sharing and Analysis Centers (ISACS), the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) is a member organization committed to aiding and promoting cybersecurity protection in the research and education (R&E) community. With over 500 member institutions and 1600 active participants, REN-ISAC helps to analyze cybersecurity threat trends and protection techniques that impact R&E. REN-ISAC receives and shares intelligence with the R&E community as well as governmental and private entities. REN-ISAC analyzes this information, along with information provided in publicly available resources such as the Verizon Data Breach Report and provides the R&E IT professionals with alerts, advisories, ongoing discussions and recommendations to help reduce risks. For more information, visit https://www.ren-isac.net/index.html
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/f5d8ae2f-1778-418d-ad46-755c6ce60b50
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/bb1e7f3f-5ff1-4163-9cc6-5ff2bac6cb7b
CONTACT: Sara [email protected]