Educause Security Discussion mailing list archives
Results for the October 2018 HEISC Survey on Current Risks & Top Issues
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Mon, 22 Oct 2018 19:44:46 +0000
Good afternoon, Thank you for responding to our latest HEISC survey on current risks and top issues in the higher ed community. A summary is provided below. Thank you, Valerie 2018 Q4 Top Issues (with 110 respondents): * Phishing & social engineering, 35% * End user awareness, training, and education, 28% * Limited resources for the security program (too much work, not enough time or people), 28% * Cloud services & third-party security (including click-through terms of service), 19% * Campus policies & procedures, 15% * Data security (including encryption initiatives, 15% * Limited funding for the security program, 14% * Risk management, including risk assessments 14% _________________________________________ 2018 Q2 Top 5 issues (with 119 respondents): * Limited resources for the security program (too much work, not enough time or people), 32% * Phishing & social engineering, 29% * GDPR compliance, 28% * Risk management, including risk assessments, 21% * Protecting Personally Identifiable Information (reducing end-user storage and access to PII), 19% 2017 Q4 Top 5 issues (with 111 respondents): * Phishing and social engineering, 47.75% * Limited resources for the security program (too much work, not enough time or people), 32.43% * End user awareness, training, and education, 25.23% * Addressing regulatory requirements (PCI, NIST 800-171, etc.), 21.62% * Protecting Personally Identifiable Information (reducing end-user storage and access to PII), 20.72% 2017 Q3 Top 5 issues (with 57 respondents): * Phishing and social engineering * Limited resources for the security program (too much work, not enough time or people) * Addressing regulatory requirements (PCI, NIST 800-171, etc.) * Malware, ransomware, APTs, and zero day vulnerabilities * End user awareness, training, and education 2017 Q2 Top 5 issues (with 101 respondents): * Phishing and social engineering * Limited resources for the security program (too much work, not enough time or people) * End user awareness, training, and education * Limited funding for the security program * Protecting Personally Identifiable Information (reducing end-user storage and access to PII) 2017 Q1 Top 5 issues (with 114 respondents) * Phishing and social engineering * Limited resources for the security program (too much work, not enough time or people) * End user awareness, training, and education * Limited funding for the security program * Malware, ransomware, APTs, and zero day vulnerabilities Valerie Vogel Interim Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5374 | Follow HEISC on LinkedIn<https://www.linkedin.com/showcase/higher-education-information-security-council-heisc-/> | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu> _________________ October is National Cybersecurity Awareness Month! Join EDUCAUSE and the higher ed community as a NCSAM Champion. Follow #CyberAware for tips & resources.
Current thread:
- Results for the October 2018 HEISC Survey on Current Risks & Top Issues Valerie Vogel (Oct 22)