Dive Brief:
- A recent cyber attack at Penn State University could be part of a coordinated effort by Chinese hackers to infiltrate schools across the country.
- According to eCampus News, higher education tends to be more vulnerable than the business sector, which spends more money on IT protections, and if a security breach doesn’t uncover personally identifiable information, the institution doesn’t have to disclose it.
- A private security analyst who spoke with eCampus News recommends outsourcing website services so a third-party can manage security, as well as joining with other higher education institutions for a security threat information-sharing group.
Dive Insight:
Penn State is only the latest in a line of security breaches at universities. A key protection is having clear security policies in place and following them but that’s not always easy to do with a range of faculty, staff, and students all accessing the network. In response to attempted attacks, sometimes tens of thousands per day, research institutions are, however, opening their budgets to greater protection. The New York Times reported in 2013 Berkeley had doubled its cybersecurity budget from one year to the next in response to repeated attacks. The need for greater protection is a new reality across the board.