Today's Modern Educator
  • About
  • K-12
  • Higher Education
Subscribe
No Result
View All Result
  • Digital Transformation
  • Cybersecurity
  • Online Learning
  • Resources
    • COVID-19
Today's Modern Educator
  • Digital Transformation
  • Cybersecurity
  • Online Learning
  • Resources
    • COVID-19
No Result
View All Result
Today's Modern Educator
No Result
View All Result
Home Higher Education

3 Steps Universities Can Take to Combat Cyber Threats

by Jenna Sindle
June 6, 2019
in Higher Education
Reading Time: 4 mins read
A A
College Students learning during the Pandemic
Share on FacebookShare on Twitter

Education was ranked last out of 17 major industries in a recent report focused on cybersecurity preparedness. Colleges are universities are constant targets for bad actors looking to get ahold of personally identifiable information (PII), including email addresses, social security numbers, and financial records. This report ranking highlights the importance of cyber preparedness for colleges and universities in the event of an attack.

Recently, the Department of Defense (DoD) reached out to private sector partners that specialize in cyber defense and security to help construct a cyber plan. While universities and the DoD may have varying missions, their cyber mission should be the same – combat the enemy. The guidance offered to the DoD can be utilized by university leaders to build a cyber plan that is threat-ready.

Below is an overview of the cyber initiatives the DoD will be considering including threat hunting, cloud utilization, and the 1-10-60 rule:

Three Steps to Combatting the Enemy

  1. Threat Hunting

According to Dmitri Alperovitch, CTO of CrowdStrike, the DoD needs to pivot from cyber hygiene – activities like patching, building an asset inventory, or implementing controls – to focus on threat hunting. Hunting adversaries stops foreign intelligence and military organizations from breaking into networks. “[G] ood cyber hygiene will not stop determined GRU or PLA cyber actors – just as having locks on the door of your house would not stop Navy Seals from getting in if they have a mission to do so,” he shared with members of Congress.

Hunting is a specific activity for Alperovitch. “Hunting is assuming that adversaries are in your network and proactively searching for them by looking across your assets for indicators of malicious activity. Simply investigating alerts generated by security tools is not hunting,” he emphasized. While threat hunting might sound labor-intensive, there are tools that not only hunt for adversaries on a 24×7 basis but, do so across the millions of machines around the world.

  1. Leverage the Cloud

While “the cloud” is often held up as the panacea for organizations looking to modernize their IT infrastructure, in this instance, it really is. Alperovitch shared examples from the financial services and other private sector organizations whose legacy infrastructure and complex operating environments rival those of the Department of Defense and, yet, are making significant progress in combatting threats by using cloud-enabled technologies.

Alperovitch noted that “cloud-enabled technologies work because they flip the asymmetry between offense and defense. Modern security approaches take advantage of cloud resources by recording all computer security-related events in massive cloud-based data stores and perform advanced analytics and forensics on that data to uncover subtle adversary activity. Tracking trillions of events provides rich context for identifying suspicious patterns. What is more, once a threat is identified in one part of the network, cloud-based security technologies allow instantaneous distribution of protection against it, across the entire ecosystem. With millions of endpoints under management, DoD can leverage cloud systems to turn its scale into a strength, rather than a challenge.”

  1. Follow the Rule, the 1-10-60 Rule

To win the battle in cyberspace speed is the critical factor; the only way to beat an adversary is by being faster than them. As part of his work at CrowdStrike Alperovitch developed a model called the 1-10-60 rule. In short, the rule outlines the timeframe that an organization needs to meet to detect, investigate, and remediate a threat. “The very best private-sector companies we work with [at CrowdStrike] strive to detect an intrusion on average within 1 minute, investigate it within 10 minutes, and isolate it, or remediate the problem, within 1 hour.”

Alperovitch assured the nation’s legislative and military leaders that while this might sound impossible it is, in fact, a routine response for the best private sector organizations. What’s also important about the 1-10-60 approach is that it doesn’t rely on preventing the initial compromise, but on preventing the adversary from establishing a beachhead within the network and therefore, from, achieving their objective. And for Alperovitch, this is in fact, a better definition of preventing the breach.

Ready to go Threat Hunting?

Tags: Cloud-Based SecurityCrowdStrikeCyber BattlesDepartment of Defense Cyber BreachDmitri AlperovitchThreat Hunting

RELATED POSTS

Innovative Technologies are Changing Education But What Impact do They Have on Infosec?
K-12

Innovative Technologies are Changing Education But What Impact do They Have on Infosec?

February 3, 2020
K-12 Schools are Struggling with Information Security, What Can Be Done?
K-12

K-12 Schools are Struggling with Information Security, What Can Be Done?

January 21, 2020
Cybersecurity News: Higher Ed is Prime Target for Cyber Criminals, Lack of Cyber Professionals Contributes
Higher Education

Cybersecurity News: Higher Ed is Prime Target for Cyber Criminals, Lack of Cyber Professionals Contributes

December 26, 2019

TRENDING NOW

  • Handwriting Improves Academic Performance

    Handwriting Improves Academic Performance; Success Requires Balance of Keyboarding and Handwriting

    1650 shares
    Share 660 Tweet 413
  • Important Safety Tips for Using Online Videos in the Classroom

    508 shares
    Share 203 Tweet 127
  • Inequalities in Technology Addressed Through Digital Inclusion

    505 shares
    Share 202 Tweet 126
  • What Happened to Handwriting Education? In 45 States it is not Required.

    1016 shares
    Share 406 Tweet 254
  • EDUCAUSE 2022: Preparing Higher Ed Institutions for Tomorrow’s IT Issues

    504 shares
    Share 202 Tweet 126
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad

CONNECT WITH US

BECOME AN INSIDER

Get Today's Modern Educator news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Government Technology Insider
Modern Marketing Today
Retail Technology Insider

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Today's Modern Educator offers content and advertising sponsorships to leading technology solution and service providers. Interested in becoming a sponsor? Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

 

No Result
View All Result
  • Home
  • About
  • K-12
  • Higher Education
  • Categories
    • Digital Transformation
    • Cybersecurity
    • Online Learning
  • Contact Us