Your Alma Mater is Breached – Should You Care?

In 2015, the higher education industry experienced 165 security incidents.[1] This year, seven higher education institutions withstood malicious, large-scale data breaches. No higher education institution of any size or prestige is immune to security threats.[2] A compromised security infrastructure can cripple reputation and moreover, result in financial loss.

Let us examine some research from recent studies:[3]

• The average cost of a data breach in the United States is $6.5 million, which amounts to $217 per record.
• In higher education, the average cost per record is $225 per record, thus exceeding the national average.
• The average cost of data breaches in higher education are roughly $5.6 million.

What does this mean for you?

You have graduated and are well into your career; why should you care if your alma mater got breached? Well, here are a few reasons:

Who wants to be a millionaire?

The hacker with your personal information. Though it may seem that students currently enrolled at your alma mater are more at risk of getting their personal information stolen, institutions keep on file the information of every student that has ever been affiliated with them. This includes, but is not limited to, current students, alumni, faculty, staff, and past applicants. There is a possibility that not only your academic information may be at risk, but also your personal identifiable information.

In 2015, Harvard University experienced two security incidents. The first was a website hack, and the second was a massive data breach that affected as many as eight different schools and administrative offices.[4] Though it was not clear what was compromised, Harvard urged the administration to update their passwords for all school and email accounts.

The University of Connecticut experienced a massive data breach in 2013. Social security numbers and credit card data were stolen. This breach was not even discovered until this year – a year and a half after the original network penetration occurred.[5]Imagine how much can be discovered within 18 months.

Sticks and stones may break your bones but words can never hurt you, right?

Not quite. Remember how proud you were when you walked across that stage and received your degree? Or how you take pride in saying the school you graduated from, knowing people will recognize it because of its prestige? Well, if a data breach occurs, there a great possibility that the institution will have negative press. The reputation may be damaged, especially if the security compromise is a large scale data breach. Losses due to a breach are not just monetary; it affects the confidence of students, parents, and even donors. This may even result in a reduction in the number of students to apply and/or attend the institution, which in turn correlates with a loss of alumni donations.[6]

What’s Next?

As you can see, when a higher education institution experiences a breach, it may not only affect current students and faculty but also alumni. It may affect you.

Wilson Consulting Group (WCG) has assisted higher education institutions of all sizes in conducting a variety of services such as cybersecurity assessments, IT Governance services, penetration testing, vulnerability assessments, policies and procedures development, PCI DSS Gap Assessments and Analysis, and HIPAA compliance.

Upon completion of these services, the higher education institutions have experienced notable improvement to their overall security posture and infrastructure. WCG identified potential vulnerabilities in information systems, mitigated malicious data breaches, and provided holistic views of these institutions’ compliance statuses and viable solutions to meet complex standards and regulations. WCG has also implemented IT governance, strengthened existing IT governance solutions, and collaborated with higher education institutions to meet budget requirements and project goals.

WCG continues to work with higher education systems to achieve strong web application security, network security, endpoint security, IP reputations, password protection, DNS health and patching cadence – all of which are important categories higher education institutions must exceed in.

Over the past decade more than 14 million personal records within higher education have been compromised due to data breaches.[7] We work with higher education institutions so that they will not fall victim to cybersecurity threats. At WCG, your security is our priority.

[1]http://www.huffingtonpost.com/kyle-mccarthy/five-colleges-with-data-b_b_6474800.html

[2]https://www.privacyrights.org/data-breach/new

[3]2015 Cost of Data Breach Study: United States; Ponemon Institute May 2015

[4]http://www.forbes.com/sites/abigailtracy/2015/07/02/harvard-got-hacked-again/

[5] http://today.uconn.edu/2015/07/uconn-responds-to-data-breach-at-school-of-engineering/

[6]https://www.bluefin.com/bluefin-news/university-donations-rise-cyber-thieves-watching/

[7] https://net.educause.edu/ir/library/pdf/ECP1402.pdf