Cybersecurity Awareness on Campus Report

About The ReporT

Consider the amount of sensitive information that is collected, processed, and stored by institutions of higher education – from confidential student records to research data. Protecting this information is an onerous responsibility for universities, especially given the fact that cyberattacks on the sector have spiked in recent years. Despite the urgent need for more robust cybersecurity in higher education, universities are struggling to adapt to the ever-shifting threat landscape.

This is why NINJIO just released a report on the state of cybersecurity in higher education. Universities face unique obstacles in the development of their cybersecurity platforms: the sheer amount of data they have to protect, large and open networks that are used by millions of students, faculty, and staff every day, and the fact that cybercriminals have powerful incentives to break into these networks. A 2022 Sophos report found that 64 percent of higher education institutions suffered ransomware attacks over the preceding year – a striking reminder that this problem is only getting worse.

As with other sectors, human error is a major cause of breaches in higher education. This is one of the reasons cybersecurity is such a challenge for universities – the largest institutions have tens of thousands of students, administrative and support staff, and faculty. While universities can use cybersecurity tools like password managers and multi-factor authentication, cybercriminals have repeatedly proven that they’re capable of circumventing these defenses – often by tricking and coercing users.

As long as the human element is implicated in a significant proportion of breaches, cybersecurity awareness training (CSAT) will be integral to universities’ defenses. Here are a few CSAT guidelines from the report: 

Keep learners engaged

CSAT content has to capture and hold learners’ attention, which is why NINJIO episodes offer concise, engrossing, and narrative-driven lessons on a broad range of cyberthreats. NINJIO uses real-world examples to remind learners what the stakes are and demonstrate that cybersecurity is relevant to everyone – from the chancellor to a freshman who just completed orientation. 

Personalize CSAT content

There’s no one-size-fits-all approach to cybersecurity education. When CSAT platforms are personalized on the basis of learners’ individual skill levels, strengths and weaknesses, and personality traits, content can be customized to suit their unique needs and engage them effectively. Personalization also gives institutions in-depth data on their vulnerabilities, as well as the performance of their CSAT platform. 

Demonstrate that cybersecurity is a collective responsibility

All cybercriminals need is a single foothold – a successful phishing email, a piece of downloaded malware, etc. – to gain access to a university network. Universities can’t run without open and interconnected networks, and they’re increasingly reliant upon digital collaboration and learning platforms like Canvas. Every member of the university community – from tenured professors and administrators to students – has to use these resources and networks with care, and they need to be equipped to spot cyberattacks in progress.

It’s fitting that the key to keeping universities safe from cyberattacks is education. Beyond the fact that CSAT can help universities avoid costly disruptions and keep sensitive data safe, cybersecurity awareness is also a critical skill in an increasingly digitized and interconnected global workforce. By learning how to protect their institutions, students will simultaneously acquire skills that will serve them well for life.