The EDUCAUSE 2022 Conference was held last week in Denver, CO, and the CampusGuard team was there to engage in the excitement and connect with many of our higher education partners and clients. We compiled a list of concerns, challenges, and goals we heard during the conference. Here are the top seven key takeaways:
- New GLBA requirements and a looming deadline
GLBA is a top concern for many higher education institutions, especially with the requirements from the updated FTC Safeguards Rule quickly approaching on December 9, 2022. Many in higher ed are hoping for more official guidance on audit requirements and how the Safeguards Rule changes will be incorporated.
- Research environments and CMMS compliance
Research environments are also a growing challenge and ensuring researchers on campus can apply for DOD contracts and funding. Understanding how to meet requirements under the Cyber Security Maturity Model Certification (CMMC) 2.0 and prove compliance will be critical.
- Cyber-attacks and ransomware concerns
Ransomware attacks don’t just unsettle institutions’ IT departments and disrupt campus operations, they also top the list of concerns for institutions’ executives and boards. Securing sensitive data, ensuring privacy, and implementing a strong incident response plan that has also been tested are all steps institutions can take to protect your institution from a ransomware attack. Proactive steps like penetration testing can also help organizations identify potential weaknesses first.
- Cloud services/third-party management
Formalizing third-party management is important as more and more services are moved to the cloud. Organizations are looking for tools to help evaluate new vendors and track and monitor third-party relationships across campus ongoing.
- Consolidating services providers
We also heard from a few attendees that they are looking to reduce the number of vendors they are contracting with. For example, if an institution can turn to one training vendor to meet the training needs across campus, this can improve efficiencies and reduce time and costs spent maintaining multiple platforms. With limited budgets and resources, finding long-term partners who can help augment internal teams and provide comprehensive services is critical.
- Next-level collaboration
We witnessed higher education partnerships at work—higher ed professionals sharing resources and ideas with each other and identifying solutions to address challenges and ever evolving threats. Being able to collaborate in person again is so valuable and is absolutely needed now more than ever!
- The need for ongoing awareness training
Administering continuous training for faculty and staff is crucial to promoting cybersecurity awareness and helping employees stay vigilant and prepared if/when an attack occurs. Awareness training can also address acceptable employee usage, how to navigate remote/hybrid work environments, and reinforce best practices.
Thanks to those of you who stopped by our booth and connected with us to discuss your challenges, concerns, and goals with us. It is always great connecting face to face! CampusGuard wants to be your dedicated partner to help you attain compliance and protect higher education institutions against cyber-attacks. Let us know how we can help!