Insights from our 2021 Tertiary Education Digital Transformation Index found that 74 per cent of the institutions surveyed rely on internal resources to manage security, which places a huge strain on their internal IT resources.
Since the pandemic, tertiary education institutions throughout Australia and New Zealand have been rushing their digital transformation initiatives to adapt to an increasingly digital learning environment. But limited resources combined with an urgency to cater to changing student expectations has led to many institutions implementing short-term solutions to address immediate needs. Those needs include providing staff with the ability to work remotely and adapting existing courses for digital modes of delivery.
The burden to action these changes typically falls on the institution’s existing IT team, who often find themselves understaffed, under-equipped and under-trained to handle all these new demands. The ad-hoc approach to implementing digital solutions has led to a variety of gaps in the cyber security of the institutions in question.
While most IT teams can and do manage basic cyber security tasks, they are no substitute for specialised cyber security services. A worrying statistic from our research in our 2021 Tertiary Education Digital Transformation Index revealed that 74 per cent of respondents reported that they relied on internal resources to manage cyber security, while 10 per cent reported that they have no dedicated resources for cyber security at all.
Why institutions need to rethink their cyber security strategy
Having robust cyber security measures in place is no longer a ‘nice-to-have’ it is a ‘must-have’ to manage the cyber security threats to universities. This was clearly outlined in June of 2020 when the Prime Minister of Australia announced that our government and private sector were all at risk from “ongoing” sophisticated cyber attacks and that the scale and frequency of these attacks were growing.
Institutions hold a wealth of sensitive information on both staff and students, including financial data and personally identifiable information. This makes them an attractive target for cyber attacks. In an environment like this, institutions cannot afford to be lax about their cyber security measures. A single incident can be devastating for any institution, risking their reputation and their standing as an education destination.
The reality is that cyber awareness is still an issue in education. Broadly speaking, on-premise solutions are unable to match the scale and experience of SaaS providers when it comes to cyber security.
Institutions that do not include cyber security in their risk assessment and planning are placing themselves at high-risk. That’s why institutions need to think holistically about their digital transformation vision. An effective digital transformation must be an organisation-wide initiative, which means getting buy-in from senior executives, creating a long-term vision and transformation roadmap, and investing appropriate resources.