EDITOR ’ S question
SETH GEFTIC , VICE PRESIDENT OF PRODUCT MARKETING AT HUNTRESS
The education sector – rightfully so – thrives on open access to information . t Huntress , our goal is to protect the
A
99 % of businesses – including those in education . The education sector – rightfully so – thrives on open access to information . When people have more access to resources , they ’ re able to self-certify in new areas , gain useful qualifications to better their careers , or simply even fuel the fire of lifelong curiosity . Educational brands should always aim to foster inclusion in their brands , doing so by publishing as much open access information as possible .
However , there is an important difference we need to outline . Publishing courses or educational resources using an open access framework is not the same as publishing all of the data that is associated with those courses . Educational brands still need to have firm privacy protocols in place , which will help to shield customer data and prevent sensitive information from being captured by malicious actors .
To balance this , I suggest working out exactly what you want to share when you distribute these materials . Classifying your data into segments , some of which are less valuable and others of which should be kept private , should be your number one priority here . This should be a fairly easy goal – the resources you want to share will be the public category , while customer data , financial figures and sensitive details must all be kept hidden .
After categorising the data you hold , you can then implement additional security features to prevent malicious actors from accessing your most private records . Things like Zero Trust access networks , WAFs , and other core pillars of security architecture will all help to keep your private data exactly that : private .
AJ THOMPSON , CCO AT NORTHDOOR
To mitigate these risks , it is so important that one must conduct thorough risk assessments to pinpoint vulnerabilities specific to the institution . efore becoming an educator and
B course author , I experienced working as a CISO in the education sector . I would say that balancing open access to information with cybersecurity risks requires a different approach , and a multi-faceted one at that . I would like to acknowledge that universities thrive on the sharing of open information and collaboration which creates a unique point for vulnerabilities . That is why , for me , a uniform security strategy will not be effective and there is arguably a need to create a strategy that considers the unique needs of the institution .
To mitigate these risks , it is so important that one must conduct thorough risk assessments to pinpoint vulnerabilities specific to the institution . This includes evaluating the security of research data , intellectual property and student information . I would also prioritise compliance with regulations such as FERPA , HIPAA , GLBA and GDPR . Continuous monitoring of systems and networks would also be a priority using robust tools to detect and respond to threats . It ’ s also important to foster a securityconscious culture within the institution .
I would also need to create an incident response plan to minimise any damage and ensure a swift recovery in the event of a breach . Finally , I would make sure of staying up-to-date on emerging threats and technologies to keep the institution ahead of potential issues on cybersecurity .
30 WWW . INTELLIGENTCISO . COM