Strengthening Higher Education Institutions against evolving cyberthreats

As cyberthreats continue to evolve, it is crucial for higher education institutions and universities to be vigilant.  Enforcing security strategies prudently designed to safeguard digital…

Marc St-Pierre  profile picture
Marc St-Pierre

January 24, 20244 minute read

As cyberthreats continue to evolve, it is crucial for higher education institutions and universities to be vigilant.  Enforcing security strategies prudently designed to safeguard digital assets and the integrity of their academic research provides better cyber resilience.

The education sector has become a prime target for attackers due to the vast amount of sensitive data, including personal information of students and staff.   Hackers may also find a lucrative opportunity in stolen research findings, intellectual property, and financial records from higher education institutions.

Another point worth noting, is the increased attack surface created by the multitude of transitory users and devices connected to the network.  This exposure sets the stage for cyber criminals looking for an opportunity to exploit more susceptible targets. With limited resources dedicated to cybersecurity, the education sector is in a constant race against the tactics of the attackers and tackling the challenge of evolving cyberthreats.

The education sector often struggles to evade compromises to their sensitive data and disruptions to their operations caused by:

  • Data leaks
  • Ransomware
  • Phishing
  • DDoS attacks
  • Software vulnerabilities
  • Insider threats
  • IoTs risks

Attacks on schools, universities, and other education organizations rose from January 2021 to September 2023 peaking at 32 reported attacks in June 2023. Ransomware groups, like Vice Society and Rhysida, whose attacks have historically focused on education sector entities contribute majorly to this rise.

It is both critical and inevitable that the educational sector must adopt a holistic cybersecurity approach to protect the data and people via robust network security measures and proactive threat detection to safeguard their digital infrastructure. Here are a few recommendations:

  • Multi-Factor Authentication (MFA): Add an extra layer of security by enforcing MFA for accessing sensitive systems to mitigate the threat, even if the login credentials are compromised. 
  • Penetration Testing and Vulnerability Scanning: Stay ahead in the game by utilizing periodic third-party assessments to identify vulnerabilities in the network, systems, and applications to remediate any gaps promptly. 
  • Monitor Network Traffic: Install firewalls, intrusion detection/prevention systems, and segment networks to ensure network safety. Deploy network detection capabilities to promptly identify any unusual patterns that may indicate a security threat and remediate the situation. 
  • Table Top Exercises Conduct drills to ensure the effectiveness of an Incident Response plan and ensure the entire organization is familiar with the plan. 
  • Endpoint Protection: Enforce mandatory measures to deploy robust antivirus and anti-malware solutions on all devices including computers, laptops, and mobile devices connected to the university network. 
  • Data Encryption and Backups: Encrypt sensitive data to protect against unauthorized usage and perform regular backups of critical data to ensure the availability of data in case of an unfortunate incident. 
  • Access Controls: Regularly review and update access permissions to ensure that users only have access  to the information and resources applicable for their roles by implementing the principle of least privilege.  
  • Patches and Updates: Maintain a process for timely software updates and patches. Use attack surface management to reduce the surface. 
  • Awareness and Training: Ensure that the students, faculty, and other staff are aware of . the devastating effects of phishing scams, social engineering etc
This slide shows that OpenText is a global leader in Cybersecurity with stats and capabilities by Security Product types.

OpenText™ Cybersecurity Services 

With over 1B US$ in cybersecurity revenues and 800,000 customers, OpenText is a market leader and delivers a comprehensive portfolio of software products and services.  With expertise in Risk & Compliance, Digital Forensics & Incident Response and Managed Security Services, we are the trusted partner for our many customers on their Cyber Resilience journey. 

Our approach is unique in the market.  We pride ourselves as leaders in Information Management and we approach cyber from that lens, to help improve cybersecurity postures with greater visibility, maturity and readiness. 

Learn more about how OpenText Security Consulting Services guide customers through Table Top Exercises and assist with world-class cybersecurity operations centers, visit Security Services.


Co-Author: Rajam Nair is a Service Program Manager for OpenText Managed Security Services customers. As a seasoned senior member of the practice, Rajam brings in-depth expertise in Security Operations and Artificial Intelligence to drive excellence in service delivery and customer satisfaction. Rajam ensures precise and outcome-driven oversight of our customers’ cyber resilience programs, emphasizing meticulous governance to achieve optimal results. 

Share this post

Share this post to x. Share to linkedin. Mail to
Marc St-Pierre avatar image

Marc St-Pierre

Marc leads the OpenText Global Consulting Practice for Cybersecurity which delivers Risk & Compliance Advisory, Digital Forensics & Incident Response and various Managed Security Services. His mission is to promote Cyber Resilience and provide business partners with advice, guidance and assistance to achieve Digital Resilience & Trust. In his 15 years with OpenText, he has developed teams and built solutions in areas of Artificial Intelligence, LegalTech, Linguistics & Translation and now Cybersecurity. He has lectured on semantic technologies and lead growth of OpenText with innovations such as Ai-Augmented Voice of the Customer, Magellan Search+ and Managed Extended Detection & Response.

See all posts

More from the author

Enhancing Security Operations with OpenText Cybersecurity Services

Enhancing Security Operations with OpenText Cybersecurity Services

In today’s hyper-connected digital landscape, the proliferation of devices and applications has expanded the attack surface for potential cybersecurity threats. Cyberattacks are on track to…

4 minute read

Ensuring compliance with the NIS2 Directive 

Ensuring compliance with the NIS2 Directive 

In an increasingly digital world, the security of network and information systems is paramount. The European Union’s NIS2 Directive, a successor to the original NIS…

4 minute read

Understanding MITRE ATT&CK and Tidal Cyber Vendor Registry

Understanding MITRE ATT&CK and Tidal Cyber Vendor Registry

In the ever-evolving cybersecurity landscape, staying ahead of the growing number of threats is a continuous challenge. Two critical resources in this fight are the…

5 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.

Sign up