Cybersecurity as a Core Competency
As cybersecurity threats expand and evolve, so too do the laws, policies, practices, and solutions designed to protect data and digital systems. To safeguard institutional assets and train tomorrow’s cybersecurity professionals and leaders, higher education must treat cybersecurity as a basic competency by raising awareness among users, developing plans, and assessing tools and resources.
Expanding Awareness
The first step in tackling any challenge is understanding its scope. Higher education institutions need to increase both the breadth and the effectiveness of security awareness programs for faculty, staff, and particularly students.
Read "EDUCAUSE QuickPoll Results: Growing Needs and Opportunities for Security Awareness Training," EDUCAUSE Review.
Preparing Plans
Colleges and universities need clear, widely understood processes that include steps to take before a cybersecurity incident, recognition of what to do during an incident, and knowledge of how to recover after an incident.
Read "Cybersecurity Incident Management and Response Guide," EDUCAUSE Review.
Assessing Resources and Practices
An essential activity for higher education leaders crafting an effective cybersecurity program is evaluating technologies, practices, and educational programs and choosing those best suited to the institutional context.
Explore the EDUCAUSE Cybersecurity and Privacy Guide.
Showcase Webinar
Missed the Showcase Webinar | Cybersecurity as a Core Competency? Check out the recording to learn from different institutions as they consider strategies for embedding cybersecurity into the institutional culture.
Hear from the Community and Analysts
Solution Spotlight
"Missouri State University performed an enterprise risk assessment last year and identified cybersecurity as the #1 potential risk for the university. This allowed us to raise awareness for all employees and have conversations with our Board of Governors about potential threats that might impact the university. It also provided a catalyst to continue to make infrastructure improvements and partner with a third-party incident response team." —Jeff Coiner
Like this Solution Spotlight? Visit the EDUCAUSE Top 10 Solution Spotlights to learn how other institutions are tackling cybersecurity as a core competency.
Go Further
Hear from the Community
- Demo Day | Cybersecurity Tools
- Matt Parker, D'Ann Jackson, Alicia Porter, Jared Hoffman, Jerry Tylutki, and Nichole Arbino, “Cybersecurity Governance Toolkit,” EDUCAUSE Review
- Peter Romness, Heather Chester, Sharyne Miller, Xavier Belanger and Tom Barton, "Zero Trust Architecture: Rethinking Cybersecurity for Changing Environments," EDUCAUSE Review
Learn from Your Peers
- Cybersecurity and Privacy Managers Institute
- EDUCAUSE Cybersecurity and Privacy Professionals Conference
Feed Your Curiosity
- Nicole Muscanell, "The Cybersecurity and Privacy Workforce in Higher Education, 2023"
- "7 Things You Should Know About Data De-Identification and Anonymization," EDUCAUSE Review
Dig Into the Library
Connect with Community Groups
- Cybersecurity
- Higher Education Chief Information Security Officers (Invite Only)
- Cybersecurity and Privacy Awareness and Education
- Cybersecurity and Privacy 800-171 Compliance
- Cybersecurity and Privacy Technologies, Operations, and Practices
- Cybersecurity and Privacy Governance, Risk, and Compliance
We hope you'll take the lessons from this Showcase to advance cybersecurity training and awareness at your institution. Next up, we’ll explore strategies for addressing hiring challenges in the Hiring Resilience Showcase launching April 1.