Higher education institutions face cybersecurity challenges unlike those faced by many other sectors.
By Musa Masungwini, data protector and cyber defender at Dell Technologies South Africa
The major threats faced by South African universities include prevalent ransomware, phishing, data breaches, insider threats, reliance on third parties, and a significant skills gap.
These are amplified by the shift to digital learning and insufficient budgets, demanding better policies, awareness and investment.
In South Africa and across the globe, open networks designed to facilitate collaboration, student populations that come and go, and budget constraints can all broaden the opportunity for cyberattacks.
What’s more, institutions are homes to research data, personally identifiable information, financial information and intellectual property that make them attractive targets.
In some ways, the problem is cultural. Academic institutions are built on openness, shared governance and intellectual freedom.
The strict security access control, monitoring and response protocols that work in the corporate world may not be appropriate for colleges and universities, so what can they do to stay secure?
Approaches that work
To counter these challenges, leaders in higher education are adopting strategies that move beyond simple prevention to build comprehensive resilience that enables them to withstand and quickly recover from an incident.
Many institutions lack the in-house resources for 24/7 threat monitoring and choose to outsource portions of their security operations to external partners that can provide expertise and 24/7 coverage.
This is a practical and efficient way for colleges and universities to approach security, and it gives institutions the opportunity to build relationships with technology partners that understand their environments and constraints.
Another effective strategy involves creating a layered defence of interlocking security tools that protect different parts of the network. This approach requires more internal capability but gives institutions greater control.
The University of Miami Health System, for example, manages a complex blend of patient data, research, and student information. It implemented a zero trust architecture and deployed multiple firewalls with support from Dell Technologies to protect different parts of its network.
This multi-layered strategy helps ensure that even if one layer is breached, others stand ready to protect critical assets.
The power of partnership and preparation
When the Universidad Autonoma de Barcelona (UAB) was hit with a ransomware attack over a long holiday weekend in 2021, it was able to ignore the ransom demand and recover quickly.
The university’s success came from preparation. It had a response plan in line with Spain’s National Security Framework, and a team of specialists trained to execute that plan. Its relationships with government security agencies, law enforcement and technology partners like Dell Technologies meant it could restore operations without paying attackers.
That preparedness didn’t come overnight. It was the result of leadership, investment and the discipline to run regular exercises and test assumptions before an attack occurred.
Government guidance, too, like South Africa’s National Cybersecurity Policy Framework (NCPF) and stricter requirements from cyber-insurers are also driving positive change. These standards encourage institutions to adopt best practices and improve their overall security posture.
Cultivating the next generation of defenders
Technology, preparedness and partnerships are important, but colleges and universities also need to develop people who understand the cybersecurity world.
South Africa’s higher education landscape offers diverse cybersecurity training. Top universities like University of Johannesburg, University of Cape Town, Wits University and Stellenbosch University provide MScs and short courses in areas such as cryptography, ethical hacking, and digital forensics, while institutions like Eduvos and Berea Technical College offer certificates and occupational qualifications.
Moving forward, together
For higher education technology leaders trying to figure out where to focus, here’s what matters most:
- Get clear on what needs protecting and why. Not everything is equally critical. Identify the most valuable assets, whether that’s research data, student records or financial systems, and prioritise protecting them.
- Build relationships early on. Whether it’s with trusted technology partners, law enforcement or peer institutions, the time to establish those connections is before a crisis, not during one.
- Test assumptions. Run tabletop exercises. Simulate an attack. Find out where plans break down before an incident occurs.
- Have a cultural conversation. Security isn’t just an IT problem. It requires buy-in from academic leadership, faculty and students. Make the case for why it matters and involve people in the solution.
Building resilience together
Cybersecurity in higher education will always be challenging. But institutions that are willing to think differently about the problem, and to invest in technology and people, are building resilience.