industry
UNLOCKED
BALANCING OPEN ACCESS AND CYBERSECURITY IN EDUCATION
CISOs in the education sector face a unique challenge : ensuring open access to information for students and staff while safeguarding sensitive data from escalating cyberthreats . Striking this balance requires innovative strategies , robust security frameworks and a deep understanding of the evolving cybersecurity landscape . We asked three industry experts how CISOs in the education sector can balance the need for open access to information with the growing risks of cyberattacks and data breaches .
AJ Thompson , CCO at Northdoor
For educational institutions , this approach ensures that students , faculty and staff only gain access to resources they are explicitly authorised to use .
AJ Thompson , CCO at Northdoor
Balancing open access with cybersecurity is a pressing challenge in today ’ s hyperconnected environment . For institutions like schools , colleges and universities , which prioritise collaboration and learning , the risks posed by cyberthreats have grown exponentially .
Traditional approaches to cybersecurity that rely on securing the network perimeter are no longer sufficient in a world of flexible working , cloud-based systems and personal devices .
A Zero Trust security model offers a practical framework for addressing these challenges . The core principle of Zero Trust is simple : Trust Nothing , Trust Nobody . This means treating every device , user and system as a potential threat until it has been verified .
For educational institutions , this approach ensures that students , faculty and staff only gain access to resources they are explicitly authorised to use , reducing opportunities for both insider and external threats .
Key to this strategy is layered security applied across all aspects of the network , including users , devices , applications and databases . For example , students accessing online learning platforms can be given permissions limited to those systems , while staff working remotely use multi-factor authentication to verify their identities . Such measures ensure that access is granted only when necessary and appropriate .
AI plays a critical role in enhancing this framework . AI-driven tools can monitor networks in real time , flagging suspicious activity such as unusual login patterns or unauthorised data transfers . These systems can triage alerts , helping cybersecurity teams focus on the most urgent threats and respond quickly to mitigate potential breaches .
The shift to hybrid learning and increased connectivity also creates new vulnerabilities , such as phishing campaigns and ransomware targeting students and staff . By adopting a Zero Trust model , educational institutions can proactively address these risks while maintaining the openness needed for collaboration and learning .
Ultimately , the goal is to strike a balance between security and accessibility . A comprehensive Zero Trust approach doesn ’ t restrict legitimate users but ensures that sensitive data , systems and resources are protected against a constantly evolving threat landscape .
Educational institutions must recognise that relying on outdated strategies is no longer viable and that adopting modern , adaptive solutions is essential to staying secure in an increasingly complex digital environment .
44 WWW . INTELLIGENTCISO . COM