The Higher Education community is a prime target for cyberattack. According to the Sonic Wall Cyber Threat 2021 report, an above average 22.5% of education establishments were attacked each month.
Universities can be more challenging to secure than other organizations because they try to balance security and business functionality with the openness of a university where everyone is there to share information. Back-office systems are much like any sizeable business except that many of the systems have evolved over decades. For example, email was deployed across universities before being generally available, over 40 years ago.
This university, a member of the Russell Group with a history dating back to first half of the 19th century, found they had significant risks due to their Active Directory (AD)infrastructure. They had too many users with Domain Admin role (effectively, users with “god-like” power – the ideal target for attackers) and poor controls over admin credentials.
When the current cybersecurity manager joined the university in 2014, he made privileged access management (PAM) apriority. In parallel to implementing PAM, he knew they also had to clean up the AD infrastructure. “There was reluctance in the AD team because of the scale of the task, and it was nota priority for IT in the University. But that all changed when we suffered a cyber-attack” said the Cybersecurity Manager.