IBM released study results in 2012 (http://tinyurl.com/qgua9te) analyzing commercial sector Chief Information Security Officers (CISOs). One of the notable facts they drew from their study was that Chief Executive Officers (CEOs) were just as likely as the Chief Information Officer (CIO) to direct the CISOs’ budget and that 71% of well-developed organizations had a dedicated information security budget.
In a results comparison, CHECS’ recent higher education CISO study seems to indicate that the higher education industry is trailing behind its commercial contemporaries. Only 14% of higher education CIOs believed their security programs were mature. Moreover, more than 40% of higher education CISOs said they did not have a dedicated IT security budget. For the CIOs who also doubled as CISOs, 87% of them indicated they did not have an allotted security budget and 75% of them did not have a dedicated security program employee.
Those numbers are disconcerting. EdTech Magazine (http://tinyurl.com/l2vpwna) reported the education industry in 2012 accounted for 16% of data breaches and was second only to healthcare, surpassing even government and financial data breaches.
Are the greater percentages of security breaches because higher education is ill prepared? Maybe hackers are targeting education because of the rich data mines available. Whatever the reason, it is clear that higher education may not be keeping up with the ever-increasing threats.
Join our distinguished panel of CIOs and CISOs from higher education institutions throughout the United States who are coming together to discuss this issue and more at CHECS free Webinar Jan 12. Learn more.