Cybersecurity is crucial in safeguarding the integrity, confidentiality, and availability of research data. The stakes are particularly high in research administration due to the sensitive nature of the data involved. The repercussions of a breach can be far-reaching, impacting not only the organization but also its research subjects and the broader community.
As digital tools become more sophisticated, cybersecurity in research administration becomes increasingly paramount. John Nord, CIO of Cayuse, presented on cybersecurity during our Connect 2023 Conference to discuss the importance and the complexities of protecting sensitive data. In his presentation, John spoke about cyber attacks by sector, cyber insurance, the threat landscape, and best practices for safeguarding our organizations.
Cyber attacks by sector
Reports from security firms like Check Point show a 30% annual increase in cyber attacks in healthcare, with the education and research sectors also witnessing a substantial upsurge. In fact, research and education currently have the highest global average of weekly cyber attacks by industry, underlining the urgency for robust security measures in research institutions.
Cayuse carries cyber insurance to safeguard against such threats, though providers in the space are dwindling. Every July, we engage in robust penetration testing to ensure our adherence to industry best practices like finding and patching vulnerabilities, multi-factor authentication, and anti-malware protection.
Looking at cyber insurance payouts when claims are made is instructive, so we follow trends closely. Business email compromise recently appeared near the top of that list, which is hardly surprising when you consider the volume of emails we all receive every day. Other leaders include funds transfer fraud and ransomware, though the latter is starting to trend down. As ransomware has become more prevalent, we have more tools at our disposal to detect it.
Out-of-date software is often the culprit for security gaps, which is why we always recommend updating to the latest version of Cayuse’s software suite to capture the advantage of the latest security improvements.
Questions to ask your software vendors
Cyber insurance is a valuable asset, but it’s not the be-all and end-all of cybersecurity. Here are a few other questions to ask your software vendors to gauge their dedication to data security:
- What are your risk mitigation protocols?
- Are you certified to any security standards (i.e., ISO 27001)?
- Do you adhere to GDPR data handling guidelines?
Conduct annual assessments to ensure that vendors stay up to date with their certifications and make regular policy updates.
Cyber threat trends: Cybercrime-as-a-service
You’ve heard of SaaS (software-as-a-service), but have you heard of cybercrime-as-a-service? An entire marketplace has developed, with “as-a-service” offerings that run the gamut:
- Malware
- Phishing
- Crypting
- Access
- OPSEC
- Scamming
- Vishing (voice phishing)
- Spamming
- Etc.
This trend has lowered the barrier to entry for attackers, making it easier for non-technical criminals to launch sophisticated cyber attacks, increasing the overall risk and complexity of the threat landscape.
Vishing attacks, or phone calls, are one of the most insidious threats to research institutions. While spam emails can be easy to identify, these calls often sound professional and can be a sign that your organization is being singled out and intentionally targeted. If you receive vishing calls, make sure your IT and security teams are aware.
Cayuse’s three-pronged approach to cybersecurity
As James Scott has said, “There’s no silver bullet with cybersecurity. A layered defense is the only option.” The goal is to make your system less appealing to attackers by increasing the level of effort required to breach it by using multiple defensive layers.
At Cayuse, we think of cybersecurity in three key parts:
- Prevent: Implementing robust measures to prevent attacks from occurring.
- Isolate: Containing the impact of an attack to prevent widespread damage across the network.
- Recover: Having effective disaster recovery and business continuity plans to restore operations quickly after an incident.
For more details on our layered approach to cybersecurity, feel free to visit our Trust Portal.
Conclusion
For research administrators, cybersecurity is not a fixed objective but an ongoing journey of adaptation and proactive defense against changing technologies. By understanding the latest trends in cybercrime and adopting a layered defense strategy, research organizations can better protect their valuable data and maintain trust. Regular internal and external reassessments and comprehensive risk management practices further solidify this approach to data protection, ensuring a resilient and secure research environment.
