A new brief highlights the critical need for robust management of risk and compliance in sensitive content communications in higher education

How does higher ed manage sensitive content communications?


A new brief highlights the critical need for robust management of risk and compliance in sensitive content communications in higher education

Key points:

Nearly half (49 percent) of higher education institutions rely on five or more communication tools to send and share sensitive content–making governance and security a challenge, according to Kiteworks’ 2024 Sensitive Content Communications Report for higher education institutions, which highlights significant risks and trends in managing sensitive content and maintaining compliance.

The higher education brief is part of the 2024 Sensitive Content Communications Privacy and Compliance Report, which uncovers significant challenges in handling sensitive data–interestingly, 57 percent of respondents admit they cannot effectively track or control sensitive content shared externally.

The higher education brief highlights the tools used for sensitive content communications, cybersecurity concerns, third-party communication risks, specific cyber threats, and compliance implications.

Higher education is at a much higher risk in the governance of sensitive data than other industry sectors, according to the brief. Putting aside personal data (PII and PHI), which is a risk in itself, higher education sends and shares highly confidential
data such as national IP and secrets, including research for the U.S. Department of Defense. “Due to the sector’s abysmal governance results, the risks are tangible,” the brief notes.

When it comes to tracking and controlling sensitive content, only 19 percent of higher education respondents said they can track and control sensitive data sent and shared
internally; an even lower percentage of higher education respondents said they can do so when it is exchanged externally (14 percent).

Forty-seven percent of institutions exchange sensitive content with more than 2,500 third parties, exposing them to additional vulnerabilities.

More than half (56 percent) of institutions reported seven or more data breaches–well above the industry average. Nearly half of institutions spend more than $5 million annually on litigation due to data breaches.

Protecting personal identifiable information is a key concern, and 50 percent view corporate IP and national research secrets as an even higher priority.

These findings highlight the critical need for robust management of risk and compliance in sensitive content communications in the higher education sector.

Protecting the personal data of students, faculty, and staff is certainly an important part of the charge of higher education institutions. Thus, it is no surprise that higher education respondents listed PII more often than other data types (58 percent listed it first or second). Yet, at the same time, protecting sensitive data related to corporate IP and secrets is even more important; 50 percent of higher education respondents listed it as their first- or second-highest data-type risk.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Laura Ascione