State of Privacy and Security Awareness in Education Infographic
Educational institutes face a huge challenge against cybercrime. With a vast amount of financial, medical, and personal information all available in one place, there needs to be increased cybersecurity and data privacy measures to safeguard against potential security and privacy incidents. And like other types of organizations, an educational institution’s employees are a key line of defense against cybercriminals.
What does the average employee of a school or university employee know about cybersecurity and data privacy best practices? We wanted to find out, so we polled 904 employees at educational institutions and found that more than two-thirds of respondents could potentially put the personally identifiable information (PII) of students, faculty, and other employees in danger with risky behaviors.
Check out some additional findings:
- 68% of respondents were classified as “risks” or “novices,” meaning their actions could lead to a potentially serious cyber incident or data breach
- Only 32% were classified as “heroes,” meaning they had strong knowledge of security and privacy best practices and are likely well-prepared to deal with many cyber threats
Depending on the nature of the educational institute, these organizations are subject to strict laws and regulations such as FERPA, HIPAA, PCI, and the Gramm-Leach-Bliley Act (GLBA). Due to the growing threat landscape and increasing vulnerability of educational institutes, it’s clear there’s a need to strengthen the defenses against cybercrime.
Even though educational institutes are subject to many laws and regulations regarding the safeguarding of data, they must also be prepared for cyberattacks due to the wealth of information on students and faculty alike. Solely technical safeguards and only following the letter of the law should not replace a comprehensive approach to security and privacy awareness.