19 Cybersecurity Terms Every Higher Ed Leader Should Know

Cybersecurity rapidly became one of the most pressing and difficult initiatives for higher ed during the pandemic. This is mainly due to vulnerabilities caused by the large and unexpected shift to remote operations and devices, coupled with aging IT infrastructure, unsecured Wi-Fi connections, untrained user networks and understaffed IT departments.

With all of its tools, technologies, methods and attacks, the cybersecurity realm can be overwhelming and confusing to grasp. To help you gain a better understanding of the vernacular used to discuss key information security issues and strategies, we’ve compiled a list of the top cybersecurity terms you should know as a higher education leader.

Defining 19 cybersecurity terms related to higher education

We’re breaking down this list of important terms and concepts to help you better understand and discuss the cybersecurity field more fluently.

1. Backup and disaster recovery

Backup and disaster recovery is the process of ensuring business continuity by making extra copies of data and then being able to quickly reestablish access to that data after an outage caused by things like human error, natural disaster, security breaches and ransomware attacks. A recovery plan might involve switching over to a secondary set of servers and storage systems until your institution’s primary data center is functional again.

2. Chief information security officer (CISO)

The chief information security officer (CISO) is the executive responsible for an organization’s information and data security. They understand the organization’s IT infrastructure and the potential threats to its tech systems. Their primary responsibility is to implement security protocols, procedures and recovery processes. As colleges and universities increasingly find themselves the target of cyberattacks, the need for institution-wide leadership and governance to meet and fend off ever-changing attacks is critical.

3. Dark web

The dark web refers to sites and services that aren’t indexed by search engines and cannot be accessed using a traditional internet browser. Often used by cybercriminal communities due to its ability to mask a user’s internet activity, the dark web is commonly used to widely distribute and sell personally identifiable information (PII) – which schools possess large quantities of in the forms of financial data, medical records and Social Security numbers.

4. Data breach

This is an incident – whether intentional or accidental – that exposes confidential or protected information. Data breaches enable cybercriminals to access key data and profit from it at your expense. In July 2020, it was reported that 1,327 data breaches in the education sector had resulted in the exposure of 24.5 million records since 2005. Higher education accounted for three-quarters of those breaches.

5. Data loss prevention (DLP)

This refers to a strategy using a set of tools (e.g., software) and processes to ensure users do not send sensitive or critical information outside of the organization’s network to unauthorized users. DLP products use business rules to classify and protect confidential and critical information so that unauthorized users cannot accidentally or maliciously share data, which would put your entire institution at risk.

6. Firewall

A firewall is a network security device, such as hardware, software or both, that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on an organization’s previously established security policies. In essence, firewalls establish a barrier between your institution’s private internal networks and untrusted outside networks.

7. Hacking

The act of compromising networks and digital devices, like computers, smartphones and tablets, to gain access to confidential data or disrupt data-related activity. Between 2005 and 2020, hacking accounted for 43 percent of higher ed breaches.

8. Intrusion detection system (IDS)

This is a device or software application that monitors a network to detect malicious activity or vulnerabilities against an application or computer.

9. Internet protocol (IP) address

An internet protocol (IP) address is a unique address that identifies a device on the internet or a local network. If a cybercriminal has access to your institution’s IP address, they can cause damage, such as launching large-scale attacks against your network, which may result in extended network outages.

10. Malware

Short for malicious software, malware describes a harmful computer program or code that seeks to invade, damage or gain access to computers, computer servers or networks. With a sharp increase in online learning models, hackers are finding more opportunities to attack with malware. Read this article from EdTech Magazine for ways colleges can prevent these types of attacks.

11. Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is an authentication method that requires users to provide two or more verification factors to gain access to a digital resource, such as an online account or application. If one of the factors has been compromised by an unauthorized user, the chances of another factor also being compromised are reduced.

12. Phishing

A common type of cyberattack that uses electronic communications to deceive and lure sensitive information from users, often beginning with an email that attempts to persuade a user to click on a malicious link or download an infected attachment. College and university students are heavily targeted by cybercriminals because they are used to receiving emails from the institution requesting personal information. For example, a cybercriminal may target a student with an email containing a phony university bill that can be conveniently paid through a fake portal. If the student clicks and enters their personal information, the attacker can control the student’s bank account.

13. Ransomware

A form of malware designed to paralyze a victim’s systems. Malicious actors then threaten to steal, block or publish a victim’s data unless a ransom is paid for decryption. Ransomware attacks on colleges doubled from 2019 to 2020, costing an affected institution $447,000 on average, according to a recent report.

14. Security operations centers (SOC)

A security operations center (SOC) is a central command post within an organization that continuously monitors its IT infrastructure and improves its security posture by preventing, detecting, analyzing and responding to cybersecurity incidents.

15. IT security policy

An IT security policy defines the rules and procedures for all individuals accessing and using an organization’s IT assets and resources. It outlines what it means to be secure and seeks to preserve the confidentiality, integrity and availability of systems and information used by an institution’s faculty, staff and students.

16. Security risk assessment

Security risk assessments identify and review areas within an organization’s people, processes or technologies that need extra attention and currently provide an attack vector for malicious activities. These assessments allow institutions to view their full security landscape as a whole and support IT leaders’ ability to make informed decisions around resource allocation, tooling and security control implementation.

17. Spoofing

A type of cyberattack in which cybercriminals disguise themselves as a person, business or entity the victim user is familiar with to trick them into giving up confidential information. Spoofing can apply to emails, phone calls and websites, or it can be more technical, such as IP spoofing, Address Resolution Protocol (ARP) spoofing or the Domain Name System (DNS) server.

18. Virtual private network (VPN)

A virtual private network (VPN) creates a protected network connection when using public networks. When connected to the internet through a VPN, a user’s internet traffic is encrypted, and their online identity is disguised. This makes it more difficult for cybercriminals to track activities online and steal confidential data because they can’t decipher encrypted data. A solid VPN connection has become critical for schools as students, faculty and staff use devices from a variety of sources to remotely access their institution’s computing resources, files, databases and more.

19. Vulnerability scanning

Vulnerability scanning is an automated test that allows organizations to monitor their networks, systems and applications for security weaknesses and report vulnerabilities. It allows IT security teams to proactively manage and mitigate vulnerabilities within their networks.

Increase your knowledge around cybersecurity in higher ed

The higher ed sector has become an attractive target for cyberattacks. To learn more about the threat landscape so you can inform your institution’s cybersecurity strategies, check out our infographic and article “Cybersecurity in Higher Ed: Understanding Vulnerabilities and Preventing Attacks.”