Cyber risk is on the rise for some unexpected targets: healthcare and education

Radware has compiled a ‘Ring of Fire’ map to assess the likelihood that a certain industry will experience a cyber attack. The survey was part of Radware’s 2014 network and application security report, which was conducted with 330 global organisations.

Several of the industries mapped in the ring indicate consistent risk of cyber attack, while only one industry, the financial services sector, has moved from high-risk to medium-risk.

Source: Radware

Four industries have moved closer to the centre of the ring of fire: education, gaming, healthcare and hosting/Internet service providers, joining the government sector close to the core. The report warns organisations in verticals marked with a red arrow (indicating increased risk levels against the previous year) to quickly adjust their cyber risk mitigation solutions to reflect their new risk exposure levels.

The education sector is increasingly at risk of cyber attack, with students launching attacks in order to postpone assignments or due to hacktivist motivations. “The fact that many educational systems rely on massive, interconnected networks—with dozens of schools tied to a single platform—only compounds the risk”, the report reveals.

The report also states that educational institutions may be at risk of losing funding due to cyber attacks. This year, a number of school districts in the USA experienced funding delays because cyber-attacks delayed the submission of test results – critical for the provision of funding.

Hospitals and other “seemingly wholesome and uncontroversial institutions” are now also at risk. The report makes reference to the 2014 hacktivist attack on the Boston Children’s Hospital that brought systems down, putting many lives at risk.

IT Governance can assist organisations in any country to implement ISO 27001 cost-effectively, regardless of the company size or budget. The ‘Get a Little Help’ packaged solution provides organisations with a copy of the standards, essential reading, practical resources, online certification training and online consultancy support to facilitate an ISO 27001 implementation without incurring the added expense of an on-site consultant.