Universities and their professors are awarded thousands of patents each year, some with significant commercial value, while more and most student administration systems are online and connected. In a recent New York Times article, universities weighed in on the increasing danger they face from cyber-attacks in light of these realities. One dean reported that he experiences as many as 90,000 to 100,000 attacks per day from China alone.
“The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond,” Rodney J. Petersen, head of the cybersecurity program at Educause, told the Times. “So everyone’s investing a lot more resources in detecting this, so we learn of even more incidents we wouldn’t have known about before.”
Many universities have trouble with detection above all else, however – a mish-mash of different legacy and modern networks and a patchwork of management policies are often to blame. Tracy Mitrano, the director of information technology policy at Cornell University, told the Times that detection was “probably our greatest area of concern, that the hackers’ ability to detect vulnerabilities and penetrate them without being detected has increased sharply.”
Some campuses are taking things into their own hands. A cybersecurity project worth nearly $1 million will help the Missouri University of Science and Technology meet some of the macro challenges, for instance.
Founded in 1870 as the University of Missouri School of Mines and Metallurgy, Missouri S&T is a technological research university of nearly 8,000 students and part of the four-campus University of Missouri System. Located in Rolla, Mo., Missouri S&T offers 65 different degree programs in 40 areas of study, including engineering, the sciences, business and information technology, the humanities, and the liberal arts.
Under a new partnership, security firm Lumension gave Missouri S&T subscription licenses for 10,000 nodes of its Lumension Endpoint Management and Security Suite (LEMSS) for a three-year period – free of charge. The software has a commercial value of $928,395. The suite integrates patch management, anti-virus, application control and device control for improved organizational security and IT operational efficiencies.
This partnership will also allow Missouri S&T to provide these tools to students, faculty and staff for their privately owned computers on the campus network.
“Cybersecurity is increasingly important in our society,” said Frank Liu, professor of computer science and director of the Software Engineering Laboratory at Missouri S&T, in a statement. Liu was named interim chair of computer science in January 2013 and served in that role through the end of August. “Computers and other electronic devices are vulnerable without protection. The software obtained through this donation will protect many systems, such as computers owned by students, faculty, and staff, against virus, malware and other malicious attacks.”
The products will also be available for research and teaching during that period, Liu says. So, in addition to the software protection and research opportunities, the partnership includes plans for on-campus internships and a senior-level capstone course project to involve Missouri S&T students in developing tools for security risk assessment.
The move echoes an increasing issue in the industry: a lack of workforce. More than half (56%) of CISOs believe their organization’s information security department is understaffed, and the inability to locate appropriate information security professionals is one the top reasons why, according to the (ISC)² Global Workforce Study.
“Cybersecurity education is vital to protect infrastructure and provide information security in the country,” Liu said. “The software includes several tools that will be available for cybersecurity education on the campus. Our students will gain first-hand experience with real information security tools when they are used in a number of information security-related classes.”
He added that the issue will explore collaboration opportunities with the company in several other areas under this partnership, including curriculum development and research.