These days, it seems as though news outlets are reporting every other day on new cyberattacks, highlighting the fact that retail, health care and government aren’t the only industries vulnerable to data breaches. One nationally ranked university recently announced it experienced not one, but two data breaches by an advanced malware where nearly 18,000 usernames and passwords, as far back as September 2012, were compromised.
The number of U.S. data breaches continues growing, meaning that computer networks across every industry need to be protected. In 2014, Kaspersky Lab products detected and neutralized a total of 6,167,233,068 threats. With an increase in data breaches from sophisticated spear phishing and malware, many hackers have set their sights on exploiting vulnerabilities in the higher education sector.
Universities are prime targets for data breaches as they not only store thousands of financial and personal records on their students, faculty and employees, but also valuable scientific and medical research and studies. In the past, many universities were less focused on data security, but today, the risk is too severe to be ignored. According to the Identity Theft Resource Center (ITRC), data breaches in the education sector make up 7.3 percent of all data breaches.
Chief information officers (CIOs) within the higher education sector are under a lot of pressure to make sure their network is secure from encryption of emails and student, staff, faculty and research records to multi-factor authentication and password policies. One of the biggest issues CIOs are facing is mobility. Every day, there are thousands of mobile devices on college campuses trying to connect to the network. Smartphones and other mobile devices are easy targets for hackers as they aren’t as secure as campus computers.
A good place for a CIO to begin strengthening his or her network and reducing risk is by performing a risk assessment and developing an IT security strategy. A risk assessment can help determine if an advanced network security is essential and if it’s necessary to seek out a professional services team to help develop a secure IT strategy.
Read More: Risk management is an ongoing challenge for many not-for-profit organizations. The first step to create an effective process to manage and monitor risk is to understand your potential threats. Learn more in our blog post, Protect Your Not-for-Profit Against These 13 Damaging Risks.