Verizon’s 2019 Data Breach Investigations Report recorded 382 cybersecurity incidents in the education sector throughout the year, 99 of which with confirmed data disclosures. The report lists financial gain as the leading motive for attackers (80% of attacks), with espionage motives following in second place (11% of attacks). Web application attacks accounted for roughly one quarter of breaches in the education sector throughout 2019. This is mostly due to the frequent compromise of cloud-based mail services via phishing links to fraudulent login pages.

Colleges and universities hold a significant amount of sensitive information on their students, faculty, and donors. From social security numbers to payment card data to protected health information, higher education institutions present an attractive target for cyber attackers. When you combine this with the fact that most colleges and universities operate in a decentralized environment, the risk of data theft/loss is tremendous. On top of the information higher education institutions hold on their students, another area of significant risk relates to intellectual property surrounding research they may be conducting. The higher education sector faces a number of challenges related to information security, including:

• Decentralized environment
• Numerous federal, state, and industry regulations
• Limited budget
• Speed of technology deployment

Compass IT Compliance has developed a robust catalog of services focused on mitigating the information security and compliance risks of higher education institutions. Our team of highly certified experts have spent the past decade working with colleges and universities of all sizes and organizational structures. We are also very familiar with the HECVAT questionnaire framework and can assist both schools and vendors in the process. Contact us today to discuss your unique situation!

Need More Information?