Education, particularly post-secondary education, is an important sector in the Australian economy. It is also an incredibly liable and easily-identifiable cyber criminals. Ensuring the cybersecurity of educational institutions not only protects the identities, property and assets of those involved at those institutions but also provides greater concern for the Australian economy overall, as the education industry is the pipeline through which ideas and ideas and future employees move into the marketplace. Securing against cyber security threats is an integral feature of the modern educational sector in Australia. Here are some of the various concerns and considerations that influence the measures taken to protect against education-targeted cyber threats.
What type of industry is education
Education industry in Australia is considered to be a high-end, export service relative to the volume of students served and the quality of education. As of 2017, 1.5 million students were enrolled in some form of higher education, with 31% of these students being international students. The appeal to international students owes to the quality of tertiary education in Australia as well as the abundance of institutions, with close to 1200 educational institutions in Australia that offer coursework from vocational to traditional university coursework.
Among the various programs that draws people to Australia is the Teaching and Further Education, or TAFE, program. This program is predominantly directed at providing vocational and technical training, with some institutions also offering some academic and degree-oriented coursework. International students come to take advantage of the TAFE program because the program offers a variety of courses with focused instruction, the coursework is practical and leads to preparation for various professions and it also helps for those looking to further their education.
In Australian higher education, more funding on average goes to public universities versus private ones. That being said, there are merits to either option. Universities offer a broader curriculum with the opportunity to study a more diverse array of subjects, however, the focus is generally oriented towards higher education and the campuses are substantially larger. Private colleges can offer more narrowed focus, generally based around the religious theme of the university, as well as vocational classes and the classes are usually much smaller. Private colleges trade breadth and variety for intimacy and community.
For those interested in more technically oriented careers including network security, engineering and accounting, among other studies, there are a variety of technical institutes within Australia, including Melbourne Institute of Technology, Institute of Technology Australia and RMIT. The Australian Technology Network is a collaboration between 5 technical universities in Australia: University of South Australia, RMIT University, Curtin University, Deakin University, and University of Technology Sydney. This unique collaboration facilitates research between the universities, giving greater opportunities to students studying there.
Overall, higher education in Australia is a very diverse enterprise with course offerings, degree programs and professional preparation to suit just about any applicant. It is this diversity and the quality of programs that helps to bring in so many students and makes the education industry in Australia so valuable.
How much is the education industry worth in Australia?
As of 2017, the higher education industry in Australia was valued at $38 billion; one might expect similar, if not increased value since then. Various programs have various expenses. The TAFE program can cost students anywhere from 4,000 to 22,000 AUD, with international students at the higher end of the price scale. International students studying at Australian universities can pay anywhere from 20,000-45,000 AUD a year in tuition, in addition to living expenses. Private colleges are priced similarly but, because they are private, do not offer the same government funding for residents.
Australian citizens will pay substantially less, as the government provides substantial subsidies relative to income bracket. Full-paying students, permanent residents and citizens also have access to various government loans. International students must also consider visa expenses while applying as well as the expenses of transiting from their home country. Despite this, Australia remains a very popular destination for international students.
Research conducted at Australian universities is a relatively lucrative proposition. Australian universities, in general, do not have large endowments compared to other esteemed universities around the world. For example, Australian National University, considered one of the top-ranked universities in Australia, is reported to have an endowment with little over 200 million AUD, with no other university having more than 1.5 billion AUD in endowments; Harvard, by comparison, has an endowment of US 36 billion dollars.
This, disparity in funding has not substantially impacted the quality of education at Australian universities, as Australia has multiple universities in the top 100 universities in the world. Even more impressive is that this comes with the Australian government spending much less in GDP on education expenses than other governments, such as the US, with expenses between the two countries being 1.6% vs. 2.7%, respectively.
Where the government does invest funding is in the university research sector. Most recently, the Australian government provided a $1 billion subsidy to compensate for lost international student contributions to research in addition to the $ 5.8 million given to improve medical research. This funding is relative to the most recent report of $12 billion AUD spent on research, with $6 billion coming from discretionary funding, versus government funding, and $3 billion of that funding coming from international student fees.
Overall, the university sector is a major employer within Australia. There are 130,000 people employed through the university sector as either educators or staff. Although figures and values vary, particularly regarding the economic impacts of the coronavirus pandemic, reports in 2014 indicate that Universities contribute at least $140 billion to the economy, which is likely to have increased since. Given the importance of research to the Australian economy and world-wide economy, with major influences in communication technology, biomedical research and environmental management, it’s clear that the education industry in Australia has a pronounced role. Given the value of assets that international students contribute as well as the extent of education networks in Australia, it’s also clear that these are high value networks relative to the information stored.
Cyber security threats to education sector?
The educational sector has many liabilities relative to cyber attacks. Because of the abundance of personal information and intellectual property being shared and stored in various networks, particularly university networks, there are many opportunities for users to fall victim to various hackers and cyber-attackers. During the pandemic alone, ransom payments for cyber attacks were reported to have increased at least 60%, indicating a major point of vulnerability relative to cyber security. This vulnerability owes to the increasing rate of digitization of information, the abundance of valuable research stored within university networks, and the large, minimally secured networks found on most university campuses.
Compounding the accessibility of the education system to cyber criminals is the lack of cyber security personnel available to combat this issue. It has been projected that 3.5 million cyber security jobs will be unfilled globally by 2021, indicating a lack of cyber defense personnel available to create network defenses against cyber crime and to mitigate any intrusions. It is not just intellectual property and student personal information that is susceptible to unwarranted access and usage but employee records and data from industry partnerships as well. Part of the challenge of creating sufficient cyber security mechanisms is the rapid rate at which network accessibility is being made accessible and the rate at which networks are changing. With more and more network users, there is an increased likelihood of data breach. This accessibility creates an incentive for training programs to prepare cyber security personnel to facilitate adequate network security measures.
While the increase of remote learning has led to an increase of various phishing and ransomware attacks, education networks are also susceptible to attacks based on political motives. Attacks have also included entry through remote desktop protocol ports and server message block to spread malware through various school networks. Given the vulnerability of these networks, their increasing usage and the valuable information stored, improving cyber security has become paramount across the education sector.
What types of cybersecurity solutions can protect your education institution?
Fortunately, there are a variety of measures that can help to improve network security and prevent unwarranted access and manipulation. Unfortunately, many universities neglect to reinforce their IT departments, figuring that they are either not vulnerable to attack or do not have data to warrant an attack, only to find their networks compromised. Likewise, networks have become even more vulnerable given the rapid expansion of online and remote learning that has forced educators, many of them not as tech-savvy, to use free and potentially impregnable software, Simple solutions include hiring outside cybersecurity management teams, promoting the usage of strong passwords, using only licensed, versus free, software, and making sure that all staff and students are trained in proper cyber practice. In this capacity, much can be done by network users to prevent an attack.
Because many universities seek insurance coverage to offer a measure of financial protection in the event of a data breach that compromises assets and information, there is an even greater incentive to ensure adequate cyber security coverage throughout educational networks. Some insurance carriers are specifically stipulating whether cyber security coverage is included in the policy, making it imperative for universities to ensure that their network is secure and the coverage is adequate relative to a data breach. As much information is shared between university networks, as in the case of the Australian Technology network, reinforcing a collaborative approach to ensuring network security is incredibly important to preserving network integrity.
Improving network security also involves creating adequate cyber security teams to manage the networks. Universities often differ versus the more secure networks of the banking and insurance industry in that the Chief Information Officer, or CIO, is not the main recipient of information from cyber security experts relative to the network’s security status. The lack of centralized decision-making regarding the network can lead to a lack of updates in the networks security measures or lapses in coverage, ultimate exposing the network to attack.
It is also crucial that a centralized and collective security team create a strategy to constantly ensure protection of the most important aspects of the network, such as staff personal information or shared research information. Bolstering this process is increasing spending on cyber-security infrastructure so that there are an adequate amount of well-trained personnel with sufficient equipment to constantly update networks as necessary. Further, given that networks also include accessibility through university devices and student computers as well as phones and other personal devices, it is imperative to educate users on the importance of constantly updating the security of their devices to prevent network access through outside sources.
The minor irony is that the educational capacities of TAFEs and universities is critical to providing sufficient personnel to understand, reinforce and improve security networks while educating users accordingly. By understanding the where cyber threats emerge, having adequate strategies in place in the event of an attack and recognizing patterns of accessibility to prevent future attacks, the educational sector can vastly improve its cyber security status. Ultimately, a well-staffed and well-trained team coupled with well-educated network users can thwart the majority of cyber attacks before they even enter the network.
Looking towards the future
As the world rebounds from the coronavirus and various institutions grapple with issues relative to funding, attendance and network accessibility, creating secure information systems is critical to preserving the economic, intellectual and social value of the educational sector in Australia. The cyber security field will only continue to grow, incentivizing students and universities to keep up with the demand. Of course, this is in part to combat the risk of cyber threats, posed from foreign sources as well as internal ones. The value of the education industry will forever be linked to the strength of its cyber security measures and the efforts invested to maintain and develop them accordingly.
Educate, collaborate and study with reduced risk of cyber threats to your Institute. DC Encompass provides solutions to improve the overall security of your campus infrastructure. Call our team on 1300 002 112 to find out how we can assist.