The global 2021 Netwrix Cloud Data Security Report found that the majority of educational organizations experienced phishing attacks (60%) and account compromise (33%) in 2020. Phishing was the most common incident suffered by all verticals analyzed in the report, but the frequency of this type of attack in the educational sector is higher than the average of 40%. Also, 27% of educational organizations experienced ransomware and 49% were unaware of the infection for days. Given the FBI’s recent warning about PYSA ransomware targeting schools in the U.S. and U.K., security pros in the education sector should be vigilant about this attack type.  

The majority of respondents attribute their high level of vulnerability in the cloud to understaffed IT and security teams (53%), lack of expertise in cloud security (52%), and lack of budget (49%).

Other survey findings for the educational vertical include:

  • 48% of educational organizations store employee data in the cloud, and 30% store student data there. 
  • 93% needed days or weeks to discover accidental data leakage, and 33% needed weeks to recover from these types of incidents.
  • Among institutions that had a data breach, 33% faced unforeseen costs to fix security gaps.
  • 33% of respondents reported that their cybersecurity spending and priorities remained the same despite changes brought by the pandemic. 27% stayed within their existing budgets but changed their priorities.

To get the complete findings of the report, visit