I generally don’t put a helluva lot of stock in survey data, but the education sector has been so behind the 8-ball when it comes to data security, that I fear these results are accurate.
Netwrix did a survey and here are some of their key findings for the education sector:
- More than three quarters (79%) of educational institutions do not use any software for information security governance or risk management.
- 72% of educational institutions do not have any dedicated employees responsible for the cybersecurity function.
- 77% of educational institutions perceive employees to be the biggest threat to system availability and security.
- 49% of educational institutions have faced security incidents caused by human errors, and 37% have had security incidents due to malware.
- Only 23% of educations institutions consider themselves to be well prepared to beat IT risks.
- Educational institutions named lack of budget (74%), lack of time (54%) and insufficient participation of senior management (44%) as the main obstacles to taking a more efficient approach towards cyber risk management.
- Protecting against data breach and fraud tops the current agenda of 49% of educational institutions.