Cybersecurity remains a critical concern for IT administrators in higher education. Statistics indicate that over 60% of higher education institutions experienced ransomware attacks in the past year, according to a report by Sophos. Many institutions are also grappling with staffing shortages, as 38% of IT leaders acknowledge a lack of understanding regarding necessary staffing levels for cybersecurity. Only 10% of respondents to a recent survey believe that their teams are adequately staffed.

Challenges and Automation in Cybersecurity

Kong Phang, Chief Information Security Officer (CISO) at Ashland University, emphasizes the significant challenges created by the increasing volume and complexity of potential security threats. This landscape has prompted the adoption of automated tools within IT departments, enabling teams with limited resources to proactively address cybersecurity threats with less manual oversight.

The Role of Automated Threat Detection Tools

Automated threat detection and remediation tools are increasingly considered vital components of the cybersecurity framework in higher education. Advances in machine learning and behavioral analytics technologies enable institutions to monitor network activity for anomalies, isolate compromised systems promptly, and automatically apply patches to vulnerable endpoints.

Case Study: Ashland University

Phang oversees cybersecurity for approximately 4,000 students and more than 500 staff members. He utilizes Microsoft Defender along with a security information and event management system to streamline processes. By aggregating data from various sources, these automated tools significantly reduce the volume of incidents that Phang needs to assess daily to a more manageable 20 to 30.

Experiences from Northeast Texas Community College

Sebastian Barron, director of computer and enterprise services at Northeast Texas Community College, reports similar experiences. His six-member infrastructure team is responsible for securing systems that serve roughly 3,000 students and 400 faculty and staff. Barron notes that automation enables swift responses to potential threats, helping to mitigate their impact on systems.

Insights from California State Polytechnic University, Pomona

At California State Polytechnic University, Pomona, the IT team manages over 100,000 user identities and processes more than 1,000 security events daily. Vice President and CIO John McGuthry stresses the importance of automation due to the complexity of their systems.

Advantages of Cybersecurity Automation

Experts in higher education highlight various advantages of cybersecurity automation. Phang has noted that automation allows him to complete log reviews in approximately 30 minutes, a task that previously required a full day. Barron remarks that automation enables his team to concentrate on strategic cybersecurity initiatives, thereby enhancing user experience and overall system performance.

Investment in Automation for Enhanced Security

Additionally, Gonzales, an associate vice president of IT security and compliance at Cal Poly Pomona, states that their security information and event management system processes around 220 million events daily, distilling these down to a small number of offenses for concentrated management.

By investing in automation for cybersecurity, institutions can improve their security posture while enabling IT teams to dedicate more time and resources to high-priority tasks. This transition not only facilitates the rapid identification and mitigation of risks but also fosters a more proactive security environment throughout educational institutions.

Original source: EdTech Magazine.