Data security

Why University boards should embrace cyber security

Cyberattacks are an ongoing threat to all kinds of businesses, and now they are spreading to universities and other education institutions.

It makes sense when you think about it. Do you know what you are talking about in your fields, whether it’s law, medicine, business or government.

It’s the case that, for some universities, cybersecurity has not dominated their IT agenda – but this must now change. A number of high-profile attacks on Australian universities have shown the risk of attack and the scale of that can be done.

The solution is not only in improving IT security but also in strategic decision-making and ensuring a flow of good information to board members. Good governance is not only a business advantage. IT, security and increased team Awareness of risk and risk management.

Breached for six months

In June, it revealed that the Australian National University had been breached, with as many as 200,000 individuals’ data compromised . The breach occurred late in 2018 but was only discovered in May 2019. Records were taken back to 19 years ago were accessed.

Vice-chancellor Brian Schmidt told the ABC that in addition to academic records, the data accessed “, may include names, addresses, birth numbers, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details , and passport details “.

Needless to say, the university took swift action to improve its cybersecurity, governance and risk-management processes.

The breach highlights the financial and business data: personal data can be highly lucrative and open the door to further attacks and security breaches.

Education is a target

Criminals are intensifying their attacks on the education institutions around the globe for several reasons. Research is one: Computer Weekly reported that in the UK, “with 93 per cent of research commissioned by government and almost a third of that relating to national security”, its universities were under victories .

Tellingly, the report noted that the primary targets were scientific, medical, economic and defense research.

Personal data is another: in the US, it’s not just the major universities at risk. Community colleges are under attack , 20 years or more.

Yet it seems many institutions are lagging when it comes to managing these risks. Back in Australia, a recent Auditor General’s report has highlighted NSW universities’ continued vulnerability to cyberattacks. One university was deemed to be at high risk of theft of sensitive data and there were 35 “moderate risk” weaknesses in universities’ risk controls – 28 of which were “repeat findings”.

Software is the solution

What then is the solution? In simple terms, IT security is the key. But boards must go beyond ‘simple terms’ and consider how best to protect their organizations. Many higher education institutions have multiple boards, covering corporate, academic, social and other areas of concern.

Deploying a single board management platform is a common set of governance tools. In the first instance, this minimizes the institution’s ‘attack surface’ by reducing the number of software tools used and simplifying management.

Modern solutions – like Diligent Boards – so have ‘baked in’ to their tools, including messaging, document sharing, board papers, voting and more. In particular, secure tools for board members to communicate, collaborate and share information are vital.

Victoria University deployed Diligent Boards in 2018 and have been enjoying improved functionality and security . With data hosted in Australian data centers and 24/7 support, the university’s IT team has been reassured by the new portal.

Senior Project Manager Will Thompson noted that Diligent Boards “makes it easy for board members to use their smart devices to navigate the board”.

But the benefits do not end there. Modern governance tools facilitate better strategic decision-making by providing better data and better insights. This includes better decisions around security. Critically, it also includes better insights into behavior and gives board members the opportunity to lead by example.

It is well-known that ‘risk leadership’ behavior by boards helps create a risk and security-aware culture within an organization, which is critical to guaranteeing the effectiveness of risk controls and security systems. That’s because – as many of us can attest – even the best technologies in the world want to be hampered by managers and those who do not appreciate their adoption.

Deploying a modern governance solution is the best way for education institutions to enjoy all these benefits, protect their sensitive data, and more.

Diligent is the pioneer in modern governance. Unparalleled insight and highly secure, integrated SaaS applications, helping organizations thrive and endure in today’s complex, global landscape.

Contact us to find out more or for a product demo or to find out more

Featured Blog