Digital Citizens Alliance reported in March 2017 that eight years of monitoring the Dark Web had uncovered over 13 million “email addresses and passwords belonging to faculty, staff, students, and alumni at U.S. [higher ed institutions] available to cyber criminals on Dark Web sites.” The monitoring was conducted by ID Agent, a company that specializes in monitoring Dark Web activity.



Our college partners tell us that data security is top of mind. In many ways, higher ed faces greater challenges than other sectors because college student information is highly valued on the black market. Brian Stack, who leads a team that is responsible for scouring the Dark Web for compromised consumer data at, explained that this value is driven by personal identifiers such as social security numbers, credit card numbers, personal finance information and addresses – all of which are routinely collected by colleges.

Even so, most college cybersecurity teams are proportionally smaller than those that guard private sector organizations. According to the Cisco 2018 Annual Cybersecurity Report, 41 percent of respondents from higher ed cited budget limitations as a key barrier to maintaining security. A lack of trained personnel is also a challenge, according to 27 percent.

Mark Relf, senior security analyst with Collegis Education, advises that data security depends on three points: people, process and technology. Like a three-legged table, if you take one factor out, it will fall over.

“Many people we talk to are surprised to find that software alone cannot guarantee security,” said Relf. “But ensuring that an organization’s staff practices good habits is just as important.”

See the infographic above for four key habits that every college should teach its staff in order to prevent data security breaches.