Campus Announcements Archive

Combatting increasing threats with cybersecurity education

Higher education is particularly vulnerable to a range of potentially damaging cyberattacks. From large catalogs of sensitive student information to research data, institutions of higher education have plenty of tempting targets for cybercriminals. Consequently, cyberattacks on colleges and universities have been on the rise. According to the 2022 Verizon Data Breach Investigations (DBIR) report, education and research institutions were targeted by an average of 1,065 cyberattacks per week last year—a 75% increase from 2020. Over 30% of these breaches are attributable to ransomware.

Despite the increased potential for risk, higher education tends to lag compared to other sectors when it comes to cyber-preparedness. The U.S. Department of Homeland Security examined the state of cybersecurity by industry and found the education category ranked at the bottom. Despite the emerging awareness of the cyberthreats colleges and universities face, higher education is struggling to keep up. This has created an extremely dangerous situation for colleges, universities, and affiliated institutions. The consequences of a successful data breach can be devastating for universities: huge ransom payments, stolen student information, and significant reputational harm.

The most effective cybersecurity resource higher education institutions have at their disposal, aptly enough, is education. This year’s Verizon DBIR reports that 82% of breaches involved a human element—a powerful reminder that cybersecurity is not a technology issue; it is a user issue. Security awareness is the best way to protect any organization from a wide range of cyberthreats. Mitigating cybersecurity attacks begins with a culture of security awareness at every level of an institution, and cybersecurity education is essential for every member of an institution, including students, faculty, and staff.

Please review the following cybersecurity education resources that have been made available by Drake ITS:

Drake University Information Security Awareness course available in Blackboard

Cybersecurity Awareness Month (October 2022)

In addition, ITS will continue to simulate phishing and assign training to those most susceptible. If you believe you’ve been targeted by phishing, see Reporting a Phishing Message (How-to).

— Christopher Mielke, ITS