As attacks against colleges and universities become widespread, security cannot be an afterthought. Here’s how to build resilience.
According to data from Check Point Research, the education sector is a prime target for cyberattacks. By mid-year 2024, institutions were experiencing an average of 3,086 attacks per week. By year’s end, this figure had surged to 3,574 weekly attacks, accounting for a 75% year-over-year increase.
The prevalence of this malicious activity raises a critical question. What makes universities and colleges high-value targets?
First, and most notably, is the treasure trove of data.
The personally identifiable information (PII) of students, such as phone numbers, names, and Social Security numbers, for instance, is highly valuable to identity thieves who use it to apply for credit cards or student loans. Similarly, intellectual property (IP) from cutting-edge research can fetch millions on the dark web.
This avalanche of data, coupled with the legacy infrastructure, open network environments, and personnel challenges, means attackers expend less effort and gain more when they breach higher education institutions.
Phishing is currently one of the most common attack vectors. For example, one in every 45 of the approximately 12,234 education-related domains created in 2024 were phishing lures attempting to trick users into downloading malware or revealing credentials. Ransomware, insider threats, and unsecured Internet of Things (IoT) devices similarly pose threats.
As you can imagine, successful attacks can have considerable negative impacts. Ransomware attacks, for example, cost higher education institutions $4.4 million per payout. And sometimes they can lead to the closure of schools, as we observed with Lincoln College in 2022.
Are you staying extra vigilant in a world where threat actors actively launch offensives on higher education?
In this article, we’ll present the unique challenges facing campus teams and how to build resilience for today and tomorrow. Let’s dive in!
Unique Challenges Facing Campus IT Teams
Higher education institutions face several challenges in securing their IT.
Thousands of students need to be connected for online classes and curriculum schedules, for example. Lecturers and other university staff, too, need a connection to enhance teaching, facilitate communication, access resources, and manage administrative tasks efficiently. This diversity of users results in numerous devices being connected to the network over which IT teams have limited visibility.
Moreover, campuses typically use open networks for greater flexibility, collaboration, and access to resources. Such environments may help achieve those goals, but they inadvertently make it easier for attackers to intercept data, distribute malware, and even hijack user sessions.
Decentralized decision-making makes these issues even more difficult to manage. Many university departments operate independently and maintain control over their own IT systems. While this allows for technology tailored to specific needs, it often leads to compatibility issues and limited visibility across the institution. Without a clear view of all systems and networks, it becomes harder to identify the source of a cyber threat, which can leave the institution vulnerable for longer periods.
IT budget constraints are another challenge. According to Moody’s, higher education institutions allocate only 7% of their budget to security. This limits the talent they have access to and can sometimes mean holding onto legacy infrastructure with security vulnerabilities.
Fortunately, these limitations can be surmounted with help from a reliable managed security services provider (MSSP).
Core Strategies for Building Cyber Resilience
So, how can your campuses build cyber resilience in 2025 and beyond?
Start by focusing on the technological aspect. Most technology-related security problems you face can be addressed by adopting Zero Trust principles. Therefore, ensure campus systems don’t trust and instead continuously verify every access request. Layer this approach with robust multi-factor authentication (MFA) measures to ensure that anyone attempting to use the network is actually who they claim to be. You can go a step further and reasonably segment the network to limit the vertical movement of attackers should they compromise a system or user account. Role-based access controls can similarly be used to limit the impact of attacks.
Once that’s done, deploy end-to-end encryption as data flows between systems, to ensure it has no value to intruders. At the same time, make sure you’re using enterprise-grade tools to continuously monitor your network and endpoints for rapid threat detection and response.
Fostering a Culture of Cyber Awareness
According to Verizon’s 2025 data breach report, 60% of breaches occur due to human vulnerabilities. So, as you level up your technology capabilities, don’t overlook the human element.
Make security everyone’s responsibility by training faculty, students, and staff on digital hygiene and threat recognition. Create awareness about the various social engineering threats, such as phishing, and link them to potential ways they can affect stakeholders, including disrupting classes, delaying graduation, or even forcing school closures. Clarify what someone should do and whom they should contact if they suspect a compromise has occurred. Finally, conduct periodic attack simulations to gauge people’s cyber readiness and use the insights to enhance the security posture.
Long-Term Planning and Partner Support
Make no mistake, higher education will continue to be a top target for cyber attacks. But there’s no need for panic. If anything, this is an opportunity to go back to the drawing board and build resilience. So, take a moment to reassess your IT environment. Where are the security gaps? Do you have the latest threat intelligence tools? Is every dollar of your security budget maximizing value?
As you plan your future, consider leveraging partner support to accelerate your outcomes. NRI can deliver the industry-leading cybersecurity expertise and tools you need. Contact us today to learn how we can help you implement scalable, compliant, and adaptable cybersecurity strategies that strike a balance between academic freedom and operational safety.
