The recent cyber attacks on major Australian Universities have other institutions across the country preparing for similar events.
ANU hit the headlines earlier this month, and now ACU has become the latest institute to suffer a breach when staff fell victim to a phishing scam. Both of these incidents have amplified the need for universities to be on top of their vulnerabilities, and implement effective information security procedures.
A recent report from the NSW Auditor-General’s department has highlighted a number of vulnerabilities for Universities in NSW, and found that “the cause of data breaches was generally from human error, system fault, or malicious attack.”
The report also highlighted that “universities incurred costs of approximately $24.2 million in managing cybersecurity in 2018”, but still found that three universities did not record any cyber incidents in that year. This is likely due to these institutions having less consistent reporting strategies in place.
Cyber security is an issue affecting Universities on a global scale. Three US universities have reported significant data breaches this year – Graceland University, Oregon State University, and Missouri Southern State University – all three disclosed that this was though unauthorised access to employee email accounts.
Moving forward, there is no doubt that universities need to be prioritising risky assets, and developing a strategy for approaching risks, to strengthen cyber security frameworks and ensure they are proactively managing information security and cyber risk.
In light of the recent cyber attacks, the 6th Annual University IT Service Strategy & Challenges conference on the 18th & 19th September in Melbourne will be hosting an interactive panel discussion on proactively managing information security and cyber risk. Hear from Australian senior leaders in this space including:
- Tony Aramze, Chief Information Security Officer, RMIT University
- Suthagar Seevaratnam, Chief Information Security Officer, Australian National University
- Brian Roberson, Director, Infrastructure & Client Services, Charles Sturt University