Chief information security officers are grappling with a variety of issues as they try to keep their campuses safe from cyber criminals. In fact, the No. 1 issue for higher ed IT leaders this year is information security, according to EDUCAUSE, a nonprofit association of IT leaders in higher ed.
Let’s look at 4 top areas of cyber weakness that need focus in 2020:
- Application Security – Applications that are collecting data are the biggest concern. Whether developed internally or by 3rd parties, application security should be verified by web application penetration testing to look for vulnerabilities that can be exploited to gain access to data and remediate them.
- Endpoint Security – Endpoints include the many devices that faculty and staff bring on campus that are not controlled by the IT staff, which makes securing them even more of a challenge. Technical controls can limit access and forcing anti-malware software before allowing endpoints to join the network is highly recommended. Another layer that many institutions are missing is monitoring that includes the data from the anti-malware console as well as Active Directory for threat correlation.
- Patching Cadence – Updating software is essential. While patching can be a burden for education IT teams, especially those with fewer resources, there are resources that can help bear some of the weight. Outsourced patch management can identify vulnerabilities and push patches promptly to increase security and meet compliance requirements.
- Network Security – With a frightening 76% of institutions still lacking true next-generation firewalls (and not all firewalls being implemented properly from a cybersecurity perspective) and approximately 80% lacking in threat detection and incident response, these are key areas to allocate budget for 2020.
Need help determining where to spend this year for maximum benefit? Contact us for a free consultation.