The study helped investigate Peruvian Higher Education Institutions' (PHEI) security posture and how the adoption of modern technology enhanced the operational processes to reduce cyber threats. The purpose of the research was based on research questions to assess access controls effectiveness, infrastructure security gaps, emerging technology…

This Praxis develops a machine learning (ML) model to address ransomware threats in higher education institutions (HEIs). HEIs are vulnerable to cyberattacks due to their open-access environments, diverse user bases, and decentralized IT systems. These vulnerabilities are compounded by limited budgets, heightened risks from increased digital…

ISACA, a non-profit, independent association that advocates for professionals involved in information security, assurance, risk management, and governance, recently updated its IT governance framework, Control Objectives for Information and Related Technology (COBIT). COBIT 2019 presents a logical approach to information technology and policy…

As the twenty-first century advances technologically, the era is also becoming notorious for the rise of organized cybercrime and attacks on business information and operations. Company data and intellectual property are considered the "New Oil" that generates value for organizations and their constituents. With the escalating number of…

Modern higher education institutions must contend with a litany of cyber threats, regulations, and environmental dynamics. These institutions are increasingly being targeted due to the value of the data they possess and their historically permissive configurations that are intended to support academic freedom. Many universities are implementing…

As cyber security attack rates increase, so do cyber security concerns. Cyber security is the collection of tools, policies, security concepts, security measures, risk management approaches, actions, education, applications, security and technologies that can be used in order to protect the cyber environment and user rights. The aim of this study…

With the recent proliferation of information technology, almost all users of technology, no matter the field, profession, or status, have experienced a commensurate increase in information security threats. This, in turn, creates a significant concern in higher institutions of public learning. Information Security Officers in public higher…

With the advancement in technology over the past decades, networks have become increasingly large and complex. In the meantime, cyberattacks have become highly sophisticated making them difficult to detect. These changes make securing a network more challenging than ever before. Hence, it is critical to prepare a comprehensive guide of network…

Employers want applicants with experience, even for entry-level cybersecurity roles. Universities traditionally help students gain cybersecurity experience by hiring them for on-campus jobs or by matching job seekers to employers for off-campus work. A third option is described in this paper in which universities bring external companies on…

This eighth edition provides a current and comprehensive discussion of counselors' legal and ethical responsibilities, an examination of state and federal laws as they relate to practice, and helpful risk management strategies. Attorney Nancy Wheeler and Burt Bertram, a private practitioner and counselor educator, offer real-world practical tips…

This case study follows the security breach that affected Target at the end of 2013 and resulted in the loss of financial data for over 70 million customers. The case provides an overview of the company and describes the reasons that led to one of the biggest security breaches in history. It offers a discussion on Target's vendor management…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

Subchapter III of Chapter 35 of Title 44, United States Code, Federal Information Security Management Act of 2002; Department of Defense (DoD) Directive 8500.01E, Information Assurance, October 24, 2002; DoD Directive 8100.1, Global Information Grid Overarching Policy, September 19, 2002; and DoD Instruction 8500.2, Information Assurance…

When an individual hears the term risk, he/she usually thinks of the financial institutions whose mismanagement of risk was instrumental in causing the 2008 financial crash. But all organizations, including colleges and universities, face various types and levels of risk, which threaten to harm the institutions and their ability to fulfill their…

The sourcing of IT systems and services takes many shapes in higher education. Campus central IT organizations are increasingly responsible for the administration of enterprise systems and for the consolidation of operations into a single data center. Specialized academic and administrative systems may be run by local IT departments. In addition,…