"There's just so much more data that we need to manage, but also because the threats keep increasing.” That’s how Susan Grajek, Vice President of EDUCAUSE Conference, highlighted why security is one of the main topics that should concern higher education authorities around the world this year.
Ms. Grajek exposed at this event, which took place last October in Indianapolis, where leaders, experts, academics, and consultants meet to discuss and to analyze higher education and IT trends.
As universities implement new and more sophisticated software to protect their data, cyber criminals are creating new tools precisely to break those solutions.
According to an ECAR Report, between 2005 and 2014 the Privacy Rights Clearinghouse (a US initiative for cyber security strengthening) registered 727 security breaches in educational institutions, threatening more than 14 million records.
To visualize the real dimension of this problem, experts call to understand cybercriminal’s personal motivations in the first place.
“As with most hackers, the motivation of these social engineering scammers has ranged from financial gain to accessing secure data and research information. Analyzing the tactics, techniques and procedures (TTPs) of cyber criminals will help institutions understand who is targeting them, what the criminals want, and the methods they will likely use to gain unauthorized access”, experts explain at CIO.com, a data–based website reference for chief information officers.
How to deal with these issues? Quality information is crucial to face this kind of threats. It won’t entirely eliminate the menace, but a well-informed higher education institution can be better prepared to manage possible than those counterparts that fail to be updated with the latest advances in cyber security.
“Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) is a commonly used source of information for the higher-ed sector,” says Steve Nyman, CISO at Dartmouth College in CIO.com.
According to the same source: “the willingness of colleges and universities to share security and breach information helps to reduce the number of stolen records.”
Because of the nature of an educational institution, information cannot always be locked up under lock and key. Concerning this, Quinn Shamblin, CISO at Boston University, proposes an alternative: “Research solutions that you know you need. CISOs need to be aware of their own institutions’ weaknesses. If you can get the money for resources before something happens, do.”
Cooperation and updated information are keys for security management in higher education. Through these factors institutions can share knowledge and experiences to be well prepared for attacks, to prevent breaches and to detect menaces.
How is your institution managing the information security? Let's us know your experience about this.
Other interesting blogs:
Advantages and Disadvantages of Cloud computing in higher education
The rise of Big Data in Higher Education
Common challenges for accreditation in higher education institutions
The challenge of skill based integrated planning in higher education