Key points:
- It’s important to maintain cybersecurity vigilance in higher education through a multi-layer approach
- An overwhelming majority of organizations paid ransomware last year
- Rising ransomware attacks on education demand defense readiness
- For more new on cybersecurity strategies, visit eCN’s Cybersecurity hub
Cybersecurity remains a top concern and priority across all industries, including higher education, and in a recent survey from CDW, half (49 percent) of respondents feel only somewhat prepared to handle a breach despite confidence around the visibility of their cybersecurity measures.
The cybersecurity landscape is constantly advancing and undergoing significant shifts driven by evolving threats, technological advancements and changing market dynamics.
CDW‘s 2024 CDW Cybersecurity Research Report examines the successes and struggles that organizations across industries experience as they assess cybersecurity readiness in the modern technology ecosystem. The survey of more than 950 U.S. technology and security professionals–including those from the K-12 and higher education sectors–offers a number of insights on cybersecurity priorities.
Eighty-eight percent of survey respondents said they are somewhat (50 percent) or very (38 percent) confident that they have sufficient visibility into their cybersecurity posture. Of those who were very confident, 61 percent indicated that identity and access management (IAM) solutions were very effective in enhancing visibility into their environment. Despite the confidence around visibility, about half (49 percent) of respondents still feel only somewhat prepared to handle a breach.
One aspect of critical strategy for cybersecurity is zero trust. Survey results indicated that over 41 percent of respondents have reached an advanced level of maturity in their zero-trust journey, yet just 12 percent reported feeling that they have achieved an optimal level. Additionally, more than 43 percent of respondents indicated they had suffered a breach costing between $1 million and $10 million in downtime.
“These results are aligned with what we’ve been seeing over the past couple years,” said Buck Bell, director of CDW’s Global Security Strategy Office. “Organizations are operating under the assumption that even if they haven’t been compromised, a breach is likely inevitable at one point or another. In a sense, that’s the entire basis of zero-trust.”
The report found that insufficient or ineffective employee cybersecurity training (31 percent) and budgetary resources (27 percent) are two of the biggest items missing from respondents’ cybersecurity approach. In making the case for funding, 76 percent of respondents indicated that showing the cost of a data breach was an effective method in making the case for additional investments in cybersecurity.
The research indicated that the vast majority (68 percent) of organizations operate between 10 and 49 security tools or platforms. “As the number of security solutions increases and IT security environments become more complex, it’s essential for team members to be well trained on these solutions,” said Stephanie Hagopian, vice president of security at CDW, “but also to understand how all of these solutions interoperate with each other and what metrics will really drive their objectives in a meaningful way.”
Automated tools can help organizations handle the high number of minor tasks they face, but training is critical to help security and IT teams manage greater challenges.
Integration remains another challenge–organizations are often tasked with integrating the numerous tools they bring into their security environment. Forty percent of the IT and security professionals surveyed said it was “very difficult” or “somewhat difficult” to integrate all of the security tools their organizations use.
“Overall, this study reinforces the importance of maintaining cybersecurity vigilance through a multi-layer approach,” Hagopian said “As the survey data shows, and what we see with our customers, keeping pace with the threat landscape and leveraging IAM solutions help improve visibility and enhance control over access to critical systems, but only represent one vector within a multi-faceted security strategy. The best approach also requires multiple security tools and platforms to effectively defend and protect against threats. It’s ultimately the combination of these elements into a comprehensive strategy that drives confidence, the right outcomes and ultimately reduces risk.”
Material from a press release was used in this report.
- Skills gap, outdated infrastructure hinder AI use - September 13, 2024
- Most students are using AI for academics - September 12, 2024
- 3 back-to-campus priorities for the new school year - September 11, 2024