The education sector remains a key target for a cyberattack, according to cloud identity security solutions company ThycoticCentrify.
In the second half of 2020, the education sector in Asia and the Pacific experienced a 21% increase in cyberattacks, compared to an average of 3.5% in other sectors.
Accordingly, ThycoticCentrify announced that it is working with Australian universities to adopt the federal government’s Essential Eight cyber mitigation strategies.
A new case study demonstrates how one of ThycoticCentrify’s clients, the University of Victoria, has implemented privileged access management strategies, a key part of Essential Eight to improve its cybersecurity stance.
ThycoticCentrify has a number of other higher education clients in Australia following a similar path, and security initiatives are becoming more urgent after high-profile data breaches in the industry. It is estimated that more than 80% of successful data breaches, including cyberattack at the National University of Australia, revealed in 2019 prime account targets.
Privileged access management restricts access to data held by system users to a minimum. It also protects passwords and other credentials associated with the administrator and other privileged accounts often called kingdom keys and monitors their use for detecting suspicious behavior.
According to ThycoticCentrify, universities adopt privileged access management to improve cybersecurity because:
- It is a newer, more effective, and generally less implemented strategy than many that have been employed previously. It is a key part of Essential Eight cyber mitigation strategies, which prevent the vast majority of cybersecurity incidents.
- Universities need to demonstrate progress in adopting the Essential Eight, which privilege management allows them to do relatively easily.
- Privilege management solutions like ThycoticCentrify’s are more mature, cost-effective, easier to adopt, and less harmful to staff than many workarounds.
When Nitin Singh, director of VU Cyber at the University of Victoria, first evaluated strategies to improve VU’s security stance, he identified governance, management, and visibility around user management. and privileged accounts as key challenges.
He said that historically, managing passwords and privileged users for all VUs was manual, inconsistent, and lacked supervisory and audit controls. Singh also found that using shared and default credentials in privileged accounts posed a significant risk, making VU an easy target for cyber threats.
“We have overcome these challenges by adopting a practical, rational and risk-based approach,” says Singh.
“Our mantra of using the right technology solutions has led us to Thycotic. We have been able to start with small dimensions, get our IT staff comfortable with the product and now we are expanding the use of Thycotic in our applications. critical business, ”he says.
“Thycotic’s Secret Server solution has become much more than a privileged credential store. We are now planning to expand its use for access governance, session recording and integration with our information solutions. security and event management.
“It has provided much-needed simplification and consistency, along with strengthening VU’s security stance.”
Andrew McAllister, vice president of Adelaide-based ThycoticCentrify Asia Pacific, says many Australian universities are now down the privilege management path.
“Most start with discovering key accounts and managing passwords by making sure credentials can’t be exposed to attackers,” he says.
“It is moving quickly to control the suspicious use of privileged accounts and, over time, to restrict access to a minimum.”
Scott Hagenus, senior sales manager at emt Distribution, a rhipe company that manages ThycoticCentrify’s distribution channel in Australia and New Zealand, says the Australian government’s information security manuals mitigation strategies are essential eight and, if not all, institutions that ensure a coherent approach to mitigating threats are key to higher education.
“ThycoticCentrify responds to this face-to-face challenge when it comes to privileging access and activity,” he says.
“The companies associated with the channel play a vital role in strengthening cybersecurity.
“The understanding and close connection with the different models that our educational institutions have joined the strong ThycoticCentrify support give their channel a perfect location for our partners to help higher education get the best privileges access controls that adapt to your needs “.