The education sector was found to be the 7th most-targeted industry in IBM’s 2020 Threat Intelligence Index and find themselves in the crosshairs of cyber criminals and nation-state attackers due to the vast amounts of personal information and research data that they hold. Whether they are looking to profit from selling stolen data, ransoms or gaining an advantage by stealing world-class research, the education sector is a target for threat actors and I'll explain how it can be better protected from cyber threats.


Collaboration and education go hand in hand, however, with data sharing and communication to external partners or campuses, the attack surface area certainly increases whilst full visibility and control can be reduced if the proper security solutions such as a Security Incident Event Management (SIEM) are not implemented.

Supply chain attacks occur in all industries, but in 2020 a number of UK universities were affected by a ransomware attack on the education software supplier, Blackbaud. Cyber security diligence needs to expand to all educational suppliers and proof of security controls should be incorporated into purchasing processes.

Cyber security skills gaps are only set to widen due to the growth of cybercriminal economy and the Cyber Security Skills in the UK Labour Market report found that 48% of those surveyed acknowledged not having basic cyber security skills within their organisation.

Reduced budgets are inevitable for colleges and universities following a pandemic which we still find ourselves in the midst. There has been a shift to remote working which has led to new technology roll outs such as virtual desktop infrastructure (VDI) and updating tired infrastructure to support these new strains on the network - all of these require investment. The uncertainty of global travel and Brexit will also have an effect on overseas students studying in the UK and no doubt affect revenue for academic organisations.


Many security tools operate in the 'pre-boom' area of cyber security and look to prevent successful cyber-attacks, but how do academic institutions discover the weak chinks in their cyber security armour before they’re exploited? Breach and Attack Simulations (BAS) can regularly test your security controls with a simulated real-world cyber-attack; gaining actionable insights into the security areas that need improving.

Not only can controls be tested against standard attack vectors, but some platforms utilise real-time threat intelligence feeds to allow for more tailored attack simulations. For example, Celerity’s Cyber Threat Insight Service can test a university’s security against the Dopplpaymer ransomware that was targeting, and successfully compromising, UK universities in August 2020. Reports would then  highlight how susceptible the university would be to this type of ransomware attack with a score out of 100 along with actionable insights for the university’s IT department on how to mitigate the ransomware threat.

Take control of your vulnerability management

Vulnerabilities are key to successful cyber-attacks and staying on top of an IT estate as large and varied as those found in the education sector can be very difficult and resource draining. The number of vulnerability patches being released by vendors has sky-rocketed recently, with Microsoft alone releasing 100+ patches every month during 2020 with no sign of these volumes decreasing. Using a vulnerability management solution, academic institutions can regularly scan their network and systems for out-of-date patches and generate a prioritisation list that enables IT departments to make better use of their patching time and reduce the risk of exploitation from the most critical flaws discovered. Better yet,  have security partner manage your vulnerabilities and free up your in-house IT resource.

Your Insurance - Air Gap & Immutable Backup Solutions

At Celerity we often use the turn of phrase “when, not if, you suffer a cyber-attack” as no organisation can be 100% secure from cyber threats. Therefore, the aim is to mitigate the risk and severity of an attack should your organisation be breached. That’s where Air Gap Backup solutions come into play. Data is the primary objective for cybercriminals targeting the education sector whether that is to steal or encrypt, and then ransom. This is why an air gap back up solution can be vital for any institution falling victim to ransomware attacks.

This provides an isolated backup copy of your data that is not connected to the internet and therefore cannot be accessed by hackers on your network. Another fail safe to ransomware is immutable backup copies of an institutions data which once written cannot be accessed by anyone, even the college or university’s IT administrators. These ‘insurance’ solutions can be used separately or combined to provide an extra layer of protection to your data and recover your critical systems should the worst happen.

Why Outsource Cyber Security?

There are many security tools available on the market, however, the majority of these are not ‘set and forget’ solutions. Instead, they require specialist skills to manage as well as taking time and resource away from other IT projects. Engaging with a trusted security partner like Celerity is a way to extend your IT department’s capabilities and the take pressure off an already over-stretched team - that deserves to sleep well at night!

To learn more about Citadel Cyber Threat Insight Service you can visit our website:

42711_CELERITY cyber threat campaign email signature

David Taylor

Written by David Taylor

David is a Digital Marketing Executive at Celerity and drives their digital activity including campaigns, website, blog writing and social media. He has a passion for digital marketing and all things tech - especially in cyber security.