Resources | Blog

Fighting the ransomware threat in education while saving IT budgets

BY Poppy Angell

Cybersecurity threats are one of the biggest challenges facing the education sector today. The nature of threats typically faced by schools and other educational institutions range from phishing scams and data breaches to distributed denial of service (DDoS) attacks. All of these represent serious risks but are secondary in scale to the threat posed by ransomware, which is the number one threat to educational institutions.

According to a recent audit carried out by the National Cyber Security Centre (NCSC) and the National Grid for Learning (LGfL), 78% of UK schools have experienced at least one type of cyber-incident. Over 20% of these incidents were attempted ransomware attacks. Illustrating the serious risk posed to schools by cyber incidents, in January, the BBC reported that prominent hacker group Vice Society, which has been strongly linked with a string of ransomware attacks, stole highly confidential documents from 14 schools and leaked them online.

The compelling facts and supporting research presented by the NCSC and other bodies together with specific incidents reported by the media, make it clear that ransomware remains a constant threat to the education sector. Not only do educational institutions face the possibility of sensitive data being compromised in a cyber-attack but they also face the resulting risk of reputational damage.

However, schools and other educational institutions are generally far less well equipped than the private sector in dealing with and managing cyber threats, as for the most part, they are under-resourced and operate within tight budget constraints. In fact, it’s often the case in UK schools that teaching staff are required to spend a percentage of their time on IT related tasks, meaning they’re directly involved with the management and prevention of cyber-attacks.

The false promise of cyber insurance

Faced with the risks and challenges presented by ransomware threat mitigation and management, educational institutions often place their faith in cyber insurance, which is designed to cover the losses relating to damage to, or loss of information from, IT systems and networks, as well as financial loss to an organisation arising from a cyber event.

While cyber insurance has proven worthwhile for many, helping them to recover from an attack, a growing number are questioning its value for two reasons. First, its cost, which is a particular concern for the education sector, has risen dramatically. Now, insurance premiums can account for up to 60% of an average school’s IT budget. Second, insurers are placing increasingly onerous demands on victims to prove they did everything possible to prevent an attack, which is resulting in the refusal of many claims.

With these factors in mind, some educational institutions are seeking alternative approaches to addressing cybersecurity and ransomware risks, reaching the conclusion that cyber insurance isn’t fit for purpose.

Tackling the challenge of ransomware through an outsourced approach

Ransomware attacks continue unabated. Unfortunately, it’s more a case of when, not if, your organisation will become a victim – despite best efforts and robust cyber defences. At the point that an attack does occur, the most important priorities are ensuring disaster recovery and rapid restore of encrypted data through an immutable backup, to minimise disruption. All of this can be provided through an outsourced disaster recovery approach, reducing the premiums you may pay for cyber-insurance.

A major advantage of an outsourced approach to disaster recovery is its cost-effectiveness. It is significantly cheaper than cyber-insurance, freeing-up IT budgets for educational institutions and allowing them to fund more robust cyber security strategies. This approach also allows educational institutions to overcome the lack of resources, which often results in a single staff member performing up to four different roles, and the related technology skills gap that is another issue they need to contend with. As the amount of technology and the resulting data that educational institutions need to back-up continues to grow exponentially, these challenges are only going to become more pressing.

An added advantage of adopting an outsourced approach to disaster recovery is that when an issue occurs, accountability can be assumed by a managed service provider who is willing and able to take responsibility – easing the burden on the educational institution. It is also far more cost efficient, typically costing less than a single staff member’s salary, with service being provided by multiple people.

A compelling example of the advantages of an outsourced disaster recovery approach can be seen in the way North Essex vocational college, Colchester Institute, was able to overcome a crippling ransomware attack within a matter of days. Having a disaster recovery solution in place prior to the 2021 attack with Rubrik, (the technology which all of Assured’s managed services are built on), Colchester Institute was able to rely on immutable backups and perform disaster recovery in rapid time, safe in the knowledge that their data was protected against corruption and deletion.

Choosing the right immutable backup provider

For educational institutions looking to address the challenge of ransomware through a managed, immutable backup service, it’s important to choose a partner that knows the sector and its specific challenges well. It’s also necessary to understand that not all providers are equal, with some services utilising platforms that were not built from the ground-up with immutability in mind. Assured are experts in the education sector and work closely with Rubrik in a partnership that can be relied on to rapidly restore data and operations in the event of a ransomware attack.

Our team of experts are on hand 24/7 and are always happy to discuss data protection! Please get in touch here