What Are Your Peers Doing to Prevent a Breach?

peer_data_breach.jpg

What Are Your Peers Doing to Prevent a Breach?

Between lackluster security measures and emerging cyberthreats, higher education institutions are alert but not necessarily protected against the next big data breach.

Half-Hearted Security Ends in Heartbreaking Breaches

Research shows that 2019 will be a healthy year for tech spending in the higher education space. A University Business survey of 120 technology administrators shows that most will be looking at increased spending this year. At the very least, almost half (45%) anticipate spending will remain the same as it was in 2018.

While this seems like a promising stride in the right direction, one-third (33%) of the respondents said their “institutions or constituents fell victim to a cyberattack in the past year.” With a large chunk of institutions admitting that their security has not been up-to-par in the past and nearly the same number citing cyberattacks as a primary concern, it seems investments in security should trump all else. Considering what a juicy target higher education institutions make for hackers, campuses are well-advised to get a handle on their risk profile and take adequate steps to prevent a costly breach.

Partial Investments Mean Partial Security

Top spending priorities for higher education IT departments is leaning in the direction of network and data security. In fact, breaches have put campus leaders on edge; three out of 10 report that cyberattacks are a major concern. More than half (six out of 10) report  that they would rate their preparedness for such an attack as “an A or B.”

Almost half of respondents from the survey (48%) report they plan on making significant investments in network and data security in 2019. It was the top response in this year’s survey, moving up a slot from last year’s results.

The majority of the surveyed institutions say they also anticipate increased collaboration with other departments. However, only 16% reported they may add staff. While many institutions seem to be gearing up for a more secure 2019, how they will do so with limited resources remains a big question.

Four-Pronged Approach

Limited resources or not, a comprehensive risk inventory is an excellent starting point for universities to evaluate where they stand and where there is room to improve. That said, universities must also take action now to avoid falling prey to nefarious characters chomping at the bit. Following a four-pronged approach can keep universities protected:

  1. Identifying/isolating sensitive payment data

  2. Utilizing encryption schemes and/or tokenization services on that data

  3. Analysing access controls and restricting access of sensitive data

  4. Educating all departments, faculty, staff, and students on risky behaviors and implementing a campus-wide incident response plan

Data governance is incredibly important. Unfortunately, for universities with multiple campuses, departments, ERP and other systems, it can quickly become very complex and hard to manage. In these cases, it can make more sense to bring an experienced vendor in to help manage sensitive data and the processes around that data.

Your Partner in Preventing Cybercrime

Given the number of institutions that have already fallen victim to a breach—and the reality that the real breach question is when, not if—it seems universities may need some outside help.

The good news is that Arrow Payments has ample experience working as an extension of campus treasury and PCI teams to secure and protect sensitive data. Our experienced consultants work with all necessary departments and third-party vendors and systems to ensure that integrations happen seamlessly. Our end goal is simple: create the most secure payment system possible as easily as possible.

We can help you select the best solutions and follow the best roadmap to ensure your institution’s payments operations remain hiccup- and breach-free. Contact us today to learn how we can help you create a sound strategy for a secure future

Sarah W