Happy New year! Or is it? The continuing cyber-threats against higher ed campuses continues unabated. And recent surveys of IT executives shows nearly two-thirds of campus leaders rank data security as one of their top concerns. In fact, data security is the number two concern of campus leaders this year, behind enrollment.
eCampus tapped the expertise of cybersecurity consultant Rivka Tadjer around the challenges and priorities in cybersecurity for higher education institutions in the year 2024. She discusses the ongoing battle against cyber threats and the evolving landscape in the wake of the pandemic. Her primary focus is on the legal implications for IT executives, the importance of understanding insurance policies, and the need for proactive measures to prevent cybersecurity breaches. Have a listen:
Key Takeaways:
- Legal Liability for IT Executives:
- There is a growing legal liability for IT executives in higher education, particularly in the face of class action suits against universities.
- IT executives are potentially held legally liable for breaches, and their contracts are being scrutinized in light of cybersecurity challenges.
- Importance of Understanding Insurance Policies:
- Examination of university insurance policies is crucial, with a need to uncover fine print details and ensure compliance to secure coverage.
- Collaboration with legal and operations teams is advised to address liability concerns and understand the nuances of insurance policies.
- Focus on Human Behavior and Operational Risk:
- The conversation emphasizes the importance of understanding human behavior as a significant factor in operational risk.
- IT executives need to collaborate with various departments, including human resources, legal, finance, and operations, to effectively address cybersecurity challenges.
- Technology Front and Threat Intelligence:
- The technology front involves the ability to detect threats before they reach the network, emphasizing the importance of preventive measures.
- Threat intelligence systems are recommended to analyze threats before they become problems, and funding for such initiatives is crucial.
- Need for AI Guardrails and Machine Learning:
- While acknowledging the role of machine learning, the conversation stresses the need for guardrails in AI applications to enhance cybersecurity defenses.
- AI and machine learning can be valuable tools in detecting and preventing cyber threats, provided they are well-monitored with quality threat intelligence data.
- Top Priorities for 2024:
- IT executives are advised to prioritize key areas for the year 2024, including examining insurance policies, investing in threat intelligence systems, and coordinating with other departments to address human behavior and operational risks.
- Training is highlighted as a crucial aspect, with an emphasis on making executives, especially at the C-level, aware of cybersecurity best practices.
Overall, the discussion emphasizes a holistic approach that combines legal, technological, and human-centric strategies to enhance cybersecurity in higher education institutions.
