Most campuses report security breaches

The majority of higher education managers experienced at least one information technology security incident last year and one-third reported a data loss or theft.

Those are among the findings of the second annual Higher Education IT Security Report Card, which CDW-Government released this week. The report is based on a survey of 182 higher education IT directors and managers nationwide.

Fifty-eight percent of those respondents reported at least one security incident last year. In addition to the 33 percent reporting data loss or theft, 9 percent of the IT managers encountered data loss or theft of student personal information.

Managers cited lack of funding and insufficient staff resources as the biggest barriers to improving campus security, said Julie Smith, director of higher education at CDW-G.

Another issue is academia’s tradition of openness.

Stan Gatewood, chief information security officer at the University of Georgia, said universities have technology, throughput and bandwidth on par with corporate America but also possess a culture of freely flowing information.

“That is what makes us a target-rich environment,” Gatewood said.

University administrators earned a B, with 93 percent of the IT managers surveyed describing executive administrations as supportive to extremely supportive of IT security measures.

Faculty and students earned Cs, however. Twenty-eight percent of respondents described faculty as unsupportive of IT security measures. Thirty-one percent of students also received the unsupportive label. Respondents cited lack of awareness and a “disregard of rules/policies” as major obstacles.

Gatewood said security awareness training and education provide the best return on investment in security.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected