Blog
The Future of Cybersecurity in Higher Education: Four Possible Scenarios
A new report by the higher education technology association EDUCAUSE imagines four possible future scenarios of cybersecurity trends in colleges and universities. The report takes into account technology, environmental, economic and political trends to develop the scenarios, while also acknowledging evolving cybersecurity practices and data governance and privacy trends.
The goal of EDUCAUSE’s “Horizon Report ” is to provide information and analysis to help higher education institutions “learn, plan, and act on all that is influencing higher education information security, now and in the future.” At the same time, the report acknowledges that planning for the future is an inexact science. “If we’ve learned one thing from 2020, it’s that the future is more a set of possibilities than it is a single predictable pathway,” report says.
Taking into account the effects of the COVID-19 pandemic, including what it calls the uber trend of remote work, the report lays out four scenarios at colleges and universities – examining best case scenarios and challenges.
Growth
The “Growth” scenario is the rosiest and imagines a kind of age of security enlightenment. In this scenario, ten years from now, cybersecurity professionals will have become essential players in higher education and their ranks will have grown tenfold on campuses.
“In this digital future, a bad guy is lurking in the shadows of every network and scratching at the windows of every device.” To counter the threat, end users’ threat awareness has grown, enabling them to become “proactive partners in protecting their devices and networks,” as opposed to raising obstacles to cybersecurity. Meanwhile, endpoint protection platforms (EPPs) have evolved considerably, and authentication solutions have become seamless and invisible.
Constraint
In the “Constraint” scenario, the pandemic’s economic fallout will have led to a series of mergers and acquisitions in higher education. IT budgets will have been gutted and massive federal privacy regulations will create serious liabilities for cybersecurity professionals.
Increased personal device use for work in the wake of the pandemic will have led to a surge of security incidents. In 2027, “The Great Higher Education Hack” will result in the theft of personal data of more than one million students from 20 of the largest U.S. colleges and universities. For legal protection, vendors will require “complex, costly contracts that prevent higher education IT from responding to institutional needs in an agile manner.”
Collapse
In the “Collapse” scenario, security fatigue will take hold, and technology giants will take over higher education’s cybersecurity. “Institutions are making deep cuts or even eliminating internal cybersecurity functions, while student data is viewed as a commodity to profit from rather than an asset to protect.”
In this scenario, “innumerable security risks across technologies, devices, and networks” will leave most end users numb to cyber threats or the need for protection. All devices will be built with mandatory GPS tracking and without privacy features, and any semblance of privacy will be gone.
Transformation
The final scenario, “Transformation,” envisions a partnership between higher education and national security agencies to wage a “war on cyber terror.” “National security agencies will collaborate with higher education institutions, leveraging campus technologies, computing power and know-how to combat threats.”
Thought exercises like those found in the EDUCAUSE report may seem like doomsday planning to some, but they may also help security leaders and policymakers to think through the potential long-term threats and ramifications that could be avoided by taking decisive action soon.
To read the full report and its methodology, click here .