Higher Ed Needs a Cybersecurity Intervention
Mimicking business-oriented security management strategies at colleges and universities is a recipe for disaster.
Colleges and universities collectively represent a worst case scenario in cyber defense. Security professionals charged with protecting schools must often account for vast financial assets, large databases of personal information, and unrestrained usage of untested technology and services. They also contend with high annual user turnover, historically limited operating budgets, and national security concerns related to government funding.
Higher education user expectations further complicate cyber defenses. Students and faculty demand extraordinary openness, demonizing just about any control that might constrain information flow. More than just an opportunity to flaunt independence, academic research often requires collaboration across institutional and international boundaries, including sensitive data such as emerging intellectual property related to technology innovation and software code that may contain advanced proprietary algorithms.
While most businesses operate in the same global threat environment, very few are subject to the adversity that higher education institutions face. Rather, businesses can better restrict what services users can access, constrain where information can flow, and disallow…
