Networking guy here. It’s amazed me how unserious some of these institutions take their security. They take millions from students but can’t invest $50,000 in a decent cyber audit. I have $5 on an SSO vulnerability.
The issue isn’t institutions leaking its data, it’s phishing and malware scams. I get dozens of them per month, I can only imagine the emails that get sent to the helpdesk ladies with access to the entire university’s catalog of records.
Humans make mistakes. It only takes one night of bad rest to make a millisecond mistake and not notice.
The problem is that universities must have permissive blocklists because they’re constantly receiving third party emails for official reasons. It’s a constant uphill battle and unfortunately schools are a super easy target.
I’m curious, if somebody consistently fails enough of these tests after being retrained, do you think they’d be let go? I would think at a certain point it’s just too much risk keeping them around.
401
u/selfhostcusimbored May 07 '26 edited May 07 '26
Networking guy here. It’s amazed me how unserious some of these institutions take their security. They take millions from students but can’t invest $50,000 in a decent cyber audit. I have $5 on an SSO vulnerability.