Affiliation: Assistant Professor, MA in Criminal Justice, USA Farmingdale State College, The State University of New York
Abstract: The importance of having robust cybersecurity risk mitigation techniques in this rapidly evolving technological world cannot be overstated. Educational organizations hold an immense amount of personal data, and in the event of a data breach, it can cause serious damage to the organization. Similar to other organizations, educational organization data breaches occur in many forms, such as unauthorized access, ransomware, malware, physical theft, financial theft, or merely unintended disclosure of information. When higher education becomes the target of a cyberattack, the damage goes beyond the loss of personal identifiable information (PII) of faculty, staff, or students. According to the U.S. Department of Homeland Security, the cyberattack damage for higher education can include reputational, financial, and even national security, as some higher education installations work on defense research projects. The ability to safely connect to educational systems is an essential component of a supportive and safe learning environment. Cyberattacks are a constant threat for higher education institutions, especially after the COVID-19 pandemic shut down university campuses worldwide, forcing students, faculty, and staff to move online. With higher education shifting its operations online, both academic and IT systems face difficult challenges. The higher education entities need to have proper risk mitigation techniques, including defense strategies and effective security policies to safeguard the educational environment from data breaches and targeted cyberattacks. This article provides an overview of data breaches and risk mitigation techniques and strategies in higher education organizations.