As the twenty-first century advances technologically, the era is also becoming notorious for the rise of organized cybercrime and attacks on business information and operations. Company data and intellectual property are considered the "New Oil" that generates value for organizations and their constituents. With the escalating number of…

This case asks information systems analysts to assess the cybersecurity posture of a manufacturing company. The exercise works well as a group activity in an information systems course that addresses cybersecurity controls. The case introduces guidance from the National Institute of Standards and Technology, and learners develop work products…

The U.S. Department of Education (Department) Office of Inspector General (OIG) Strategic Plan for Fiscal Years (FY) 2023 through 2028 represents the planned direction of the organization for FYs 2023-2028. It continues the 40-plus year commitment to the mission to promote the efficiency, effectiveness, and integrity of the Department's programs…

Individuals whom have legitimate access to network resources, trade secrets, or otherwise sensitive data as part of their daily functions are categorized as an Insider Risk. Insider Risk has been pushed into the public eye in recent years with the Edward Snowden leaks of 2013. Snowden had a business need to access the data he retrieved but the…

Cybersecurity has emerged as one of the most critical issues confronting schools in the 21st century. Computer security is an essential instrument for protecting children, but K-12 schools are considered one of the most attractive targets for data privacy crimes often due to the less-than-effective cybersecurity practices in schools. The human…

This eighth edition provides a current and comprehensive discussion of counselors' legal and ethical responsibilities, an examination of state and federal laws as they relate to practice, and helpful risk management strategies. Attorney Nancy Wheeler and Burt Bertram, a private practitioner and counselor educator, offer real-world practical tips…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

Internet fraud takes a number of forms with the responsible individuals changing tactics rapidly to avoid detection. The perpetrators rely on telemarketing, emails, as well as presenting themselves personally to unsuspecting people. The evolution of internet marketing as well as ecommerce and the ease of connectivity create increasing…

Almost everyone uses social networking sites like Facebook, MySpace, and LinkedIn. Since Facebook is the most popular site in the history of the Internet, this article will focus on how one can protect his/her personal information and how that extends to protecting the private information of others.

On average, more than 90% of email is unwanted junk mail--spam. Many spam messages include annoying promotions for irrelevant products, but others include viruses and pornographic content, which can pose a severe legal issue for schools. Spam puts districts in a difficult situation as schools try to enhance learning in the classroom with advanced…

When an individual hears the term risk, he/she usually thinks of the financial institutions whose mismanagement of risk was instrumental in causing the 2008 financial crash. But all organizations, including colleges and universities, face various types and levels of risk, which threaten to harm the institutions and their ability to fulfill their…

The sourcing of IT systems and services takes many shapes in higher education. Campus central IT organizations are increasingly responsible for the administration of enterprise systems and for the consolidation of operations into a single data center. Specialized academic and administrative systems may be run by local IT departments. In addition,…

Information security threats to educational institutions and their data assets have worsened significantly over the past few years. The rich data stores of institutional research are especially vulnerable, and threats from security breaches represent no small risk. New genres of threat require new kinds of controls if the institution is to prevent…

Concerns about children's online safety have evolved from protecting them to focusing on encouraging positive social norms, transmitting effective skills, and encouraging students to be helpful allies. In fact, federal law now requires schools that receive funding to educate students about cyber safety. Nancy Willard integrates her expertise in…

School business administrators have long recognized the need for a workable data recovery plan regardless of cause. Yet many have not reassessed their current data backup and recovery capabilities, perhaps because they have not experienced a catastrophic failure. There are three reasons school business administrators may not realize or recognize…