Harvard University Data Breach Reported
Compared to corporate America, universities and colleges generally demonstrate a lower level of systems protection. This is partly due to lower financial resource funding in most cases, especially with smaller entities. Regardless of budget, education facilities maintain much of the same critical data on its’ students as any corporation might hold. From Social Security numbers to financial information, the need to secure that private data is paramount. However, that’s what makes this most recent cybersecurity breach so surprising.
Harvard university is perhaps one of the best funded universities in the United States, yet their Information Security systems were unable to stop a breach as recently as a few weeks ago. The University stated that it had been hit by a breach that affected as many as eight schools and administrative offices. The intrusion started in the Cambridge, Mass Faculty of Arts and Sciences (FAS) as well as their Central Administration block, and it remains unclear what information was accessed by the hackers. The university warned that school logins may have been compromised.
Changes to be Made…
Educational institutions have a lot of private intellectual property that would be valuable for bad actors to hold and sell, and we have found in many discussions with IT staff at educational institutions, that university systems aren’t very well protected when compared to large corporate entities. Why? They state it is simply a matter of funding and and the resistance of leadership to recognize the level of risk and exposure when “selling” Information Security projects to the administrative members. Without a renewed focus on security in the educational market, and proper compensation schema for the CISO level and down, we feel it is likely , breaches of this type will continue to proliferate within the education vertical.