Education institutions are seeing an alarming increase in cyberattacks compared to last year, according to a new cybersecurity report.

Cyberattacks are on the rise in the education sector


Education institutions are seeing an alarming increase in cyberattacks compared to last year, according to a new report

Key points:

Seventy-seven percent of organizations in the education sector spotted a cyberattack on their infrastructure within the last 12 months–up from 69 percent in 2023, according to a new report.

The most common attack vectors were similar to those among other industries: phishing, user account compromise, and ransomware or other malware attacks.

The data comes from Netwrix, a cybersecurity provider that surveyed 1,309 IT and security professionals globally and today released findings for the education sector based on the data collected.

In the education sector, almost half (47 percent) of organizations faced unplanned expenses to fix security gaps because of a security incident. Moreover, one in seven of those organizations incurred compliance fines, and each tenth reported changes in senior leadership and lawsuits.

Universities or school districts can have as many user accounts as some global multi-national businesses. While educational institutions may have the same complexity as large organizations, they typically lack matching budgets and resources to deal with their dynamic environments,” said Ilia Sotnikov, a security strategist at Netwrix. “It is crucial for the IT security teams in the education sector to have processes and tools in place to govern the identities, audit their activity, and monitor for any abnormal or malicious behavior.”

Half of educational institutions (51 percent) name lack of budget as their biggest data security challenge, followed by users’ mistakes and negligence (47 percent) and an understaffed IT team (45 percent).

Eighty-one percent of educational institutions have a hybrid IT architecture compared to 74 percent across other industries. Among those 14 percent that are strictly on premises, 47 percent plan to adopt cloud technologies moving forward.

“An incident can reveal security gaps such as excessive admin privileges, dormant accounts, weak or unchanged passwords, default passwords or configurations, and unpatched systems due to negligence or lack of knowledge,” said Dirk Schrader, VP of security research and field CISO EMEA at Netwrix. “Fixing a gap might not immediately require spending additional money but will definitely require time from the IT security team. In other words, addressing the root cause of a security incident results in additional investment, in either money or effort, or both.”

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Laura Ascione