Zero-day attacks are now targeting higher education institutions. Over the past year, the U.S. government has warned multiple times that foreign governments are targeting higher education systems to steal COVID-19 research and other types of intellectual property.
This spring, Microsoft reported that a zero-day attack against Microsoft Exchange Server was actively used by a “highly skilled and sophisticated” Chinese threat group against higher education institutions.
While zero-day attacks do pose a serious cybersecurity threat, the good news is that colleges and universities can take proactive measures now to bolster their defenses against a successful attack. Here are some of the most important actions schools can take today to protect their systems, intellectual property and other sensitive information.
Build a robust cybersecurity program: Cybersecurity controls do not function in isolation, and technical solutions cannot protect without supporting mechanisms to tie it all together. Ensure you have the appropriate people, processes and policies in place to provide a comprehensive framework.
Conduct regular security assessments: When managing some of the most complex technical environments in the world, higher education technology leaders should work with internal teams and external vendors to conduct regular vulnerability assessments that identify weak points...