Challenges confronting higher education leaders are evolving beyond technology, cybersecurity, and controls. Gartner predicts, “By 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents." They further predict "almost half of the cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors."

Colleges and universities worldwide have experienced a surge in cybersecurity breaches that exposed personally identifiable information (PII) and ransomware attacks, resulting in significant operational and financial costs. Did you know that nearly three-quarters (74 percent) of ransomware and cybersecurity attacks on higher ed institutions succeeded? And that the education industry ranks as the 6th most-targeted industry? In the case of ransomware, while most education victims successfully retrieved some of their data, few retrieved all of it, even after paying the ransom. From unintended disclosures to hacking/malware, beyond the threat of the initial intrusion, the high success rate of these targeted attacks creates significant challenges for institutions trying to protect their staff and students — and when obtaining viable and cost-effective cybersecurity insurance. 

CampusWorks understands these challenges. We know what’s keeping you up at night and scrambling during the day, and we can help. 

Cybersecurity and risk mitigation have five key metrics that must be addressed, and are evaluated by cybersecurity insurance companies; they are: 

1. Mean Time to Detect
2. Mean Time to Remediate
3. Number of Breaches
4. Number of Intrusion Attempts
5. Unplanned Downtown

CampusWorks assesses each client's condition utilizing a four-phase process that includes an in-person determination of local policies and practices at each institution, followed by appropriate remedial action. Our experts understand and adhere to cybersecurity insurance companies' requirements according to the National Institute of Standards and Technology (NIST). We leverage the CIS Risk Assessment Methodology (RAM) and other industry best practice evaluation metrics to identify all potential cybersecurity risks to systems, devices, applications, and networks and provide a comprehensive roadmap for addressing these risks.

Here's what our experts know — so you can rest easy at night. The CIS Controls and National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) are two popular frameworks for evaluating and managing cybersecurity risk. The Center for Internet Security (CIS) has developed a mapping between the two frameworks to help better understand how they complement each other.

The CIS Controls are a prioritized set of actions to improve cybersecurity posture. At the same time, the NIST CSF is a framework for managing cybersecurity risk across different sectors and industries, including Higher Education.

The mapping between CIS Controls and NIST CSF shows how the CIS Controls can help achieve the objectives of the NIST CSF.

Our experienced team of higher education experts have tackled every challenge as we fulfill our mission to develop and implement insightful strategies that improve institutional effectiveness and enhance the student experience.  And while numbers alone don’t convey the day-to-day frustrations, the challenges of having to accomplish more with less, or the relief of a problem solved – we are proud of the relationships, the results, and the client success stories from nearly 25 years of transforming higher education.     

• 9.15 Client Satisfaction Score (CSAT) – On a scale from 1 to 10, with 1 being extremely unsatisfied and 10 being extremely satisfied.  

• 100% Trust Index (from CSAT Survey) – Question: I trust CampusWorks to deliver high-quality services to meet my stated and unstated needs.  

• 93% Reference-ability Rate (from CSAT Survey) – Question: How likely would you be to refer CampusWorks to a friend or colleague?  

• 100% Unanimous Decisions - Our system evaluation and selection projects consistently yield unanimous decisions, translating to strong community buy-in, successful implementation, and high user adoption.  

• 350: Number of Processes Reimagined - Our expert team has outlined the most impactful processes across nine different campus areas that deserve intensive scrutiny to transform the institution and empower student success.  

• 300+ Resources Ready to Serve - Our people are ready to fill any gap. Experts with extensive experience in higher ed are ready to turn your transition into an opportunity.

An Objective Assessment of Your Technology

As colleges and universities emerge from a world defined by pandemic-related restrictions, an influx of emergency funding, and remote work, higher education leaders are navigating what it means for their institutions to operate — and thrive —in this new reality. As a President, ask yourself these questions:

• Do you face challenges with your current IT infrastructure or organization? 
• Do you lack the technology resources to make data-informed decisions? 
• Do you worry about your institution’s vulnerability to cyberattacks?  And do you know if any current violations in IT might cause your cybersecurity insurance to be in question?

Let’s face it: technology touches everything we do. You need systems and processes that help you prepare for and predict future challenges and position you for long-term growth and success. Now more than ever, IT must be your institution's high-performing strategic partner. Now is the opportune time for an unbiased technology assessment.

The CampusWorks Technology Assessment starts with carefully reviewing your strategic plan and institutional goals and an in-depth evaluation of three distinct areas: management, technology, and operations. And when the objective assessment is complete, you will receive executive and IT staff reports that provide straightforward answers to your technology questions, recommendations that align with your institution’s goals, and a strategic roadmap with prioritized timelines.

Learn more about our Technology Assessment

Four Simple Questions To Help Inform Your Cybersecurity Risk.

Cybersecurity facts you NEED to know:

•  Through mid-2023, U.S. schools have leaked 32 million records in 2,681 data breaches.
•  During the first six months of 2023, the education sector saw a 179% spike in overall attack volume compared to the first half of 2022. 
• The 2023 Cost of a Data Breach Report found that the average cost of a cybersecurity breach was $3.7 million at colleges or universities.

In just the past three years, 6.95 million records, including personally identifiable information (PII) were exposed, resulting in significant risk and financial implications to colleges and universities. The EDUCAUSE Center for Analysis and Research (ECAR) reported 1,241 cybersecurity incidents in 2022 alone, with 282 confirmed PII data disclosures. As frightening as those numbers are, a staggering 75% of data breaches are estimated to go unreported. Hacking and ransomware attacks have become a dominant source of these breaches in recent years, with third-party breaches also growing (namely due to large-scale attacks like Blackbaud, Illuminate, and the most recent MOVEit mass-hack).  

How has your state fared in the cybersecurity battle to keep institutions and students safe? Check out this map of US Education data breaches from 2005 to Mid-March 2023.

Our people and business model are at the core of our success. We employ senior technology professionals with decades of higher education experience who help higher education constituents bridge from the traditional academic culture to today's required environment built on sound planning, accountability, and measurement business practices.

Our certified cybersecurity resources have years of experience providing IT security strategy and tactical expertise in higher education and Fortune 500 industries. With expertise in a wide-range of security-related technologies, privacy, and risk management, these experts have strong credentials and experience in strengthening cybersecurity programs; their certifications include:

• CISSP – Certified Information Systems Security Professional
• CRISC – Certified in Risk and Information Systems Control
• CISM – Certified Information Security Manager
• CISA – Certified Information System Auditor
• CGEIT – Certified in the Governance of Enterprise IT
• CEH – Certified Ethical Hacker
• PCIP – Payment Card Industry Professional
• CCSP – Certified Cloud Security Professional

At CampusWorks, we have only one allegiance, and that's to you! 

For us, cybersecurity is more than just ensuring your data, capital, and people are safe — it's also about protecting your credibility, your reputation and your accreditation.

Phase 1:  Preparation and Data Collection  

• Project Kick-off
• Document Request
• Document Analysis
• Attack Surface Assessment
• External Vulnerability Scan

Phase 2: Onsite CIS RAM Assessment, Summary of Findings, and Recommendations 

• Onsite Assessment
• Assessment Analysis
• Report and Roadmap Development

Phase 3: Final Report Delivery 

• Presentation Development
• Final Presentation Delivery
• CISO Strategy Workshop
• Final Report Delivery

Phase 4:  Cybersecurity Remediation  

The project's fourth phase involves providing a security engineer to remediate the prioritized findings identified in the previous phases. This subject matter expert will rapidly improve the overall cybersecurity posture of the institution by implementing strategic and tactical best practices and maturing the overall cybersecurity posture.

From staff augmentation to interim leadership, CampusWorks offers access to experienced professionals to help your institution reach its full potential.

Sometimes you just need extra hands — whether to fill a vacant seat, wrap up a daunting project, or satisfy a specialized niche with hard-to-find expertise. Recruiting, hiring, and training new employees are costly endeavors. Not to mention the instability staffing shortages can create, resulting in lost productivity and increased workload for remaining employees, leading to burnout and more resignations. Whether it’s a large project, like an enterprise system implementation, requiring expert programmers and project managers experienced with major ERP or CRM systems, or backfilling technical and functional positions to keep current systems secure and operations running smoothly — our interim staffing solutions deliver on-demand access to the talent you need. 

Learn more about Staff Augmentation

Being down a leader not only impacts the bottom line, it has a trickle-down effect that can cause productivity to wane, morale to suffer, and inertia to set in. Hiring an interim leader can help your institution bridge costly leadership gaps for months or years, restore stability, and strengthen operations until a permanent replacement is found. We have a cadre of vice president and director-level professionals who can fill any administrative vacancy and are prepared to work with your team to strengthen operations, so your permanent new leader can hit the ground running. With the experience of over 300 seasoned higher education experts behind them, every interim role stands at the doorway to more when you need them. 

Learn more about Interim Leadership

Whether you want to expand your online offerings, condense the duration of a semester, modernize your IT infrastructure, or achieve another wildly-important goal, CampusWorks' seasoned professionals offer the clear vision and fresh perspective to get your team across the finish line.

Our relationship with CampusWorks initially fulfilled some IT needs, including our CIO. Over the years, it has developed as a partnership, which not only addresses IT needs but has a particular emphasis on business process and fulfilling niche needs. We look forward to continuing this relationship for many years.

• How Much Does a Data Breach Hurt a College or University’s Wallet – UB Daily
• US Schools Leaked 32 Million Records since 2005 – Comparitech
• Cybersecurity Challenges In Education and How to Start Solving Them – Forbes
• Gartner Unveils Top Eight Cybersecurity Predictions – Gartner
• MOVEit Attack Signals Growing Cybersecurity Threats for Higher Ed –Inside Higher Ed

Leaked Records and Data Breaches

Technology with Vendor Independence

Trust a Proven Risk Assessment Methodology

Our Four Phase Approach

Don’t Just Take Our Word For It — Numbers Don’t Lie

Strategic Staffing Solutions

Cybersecurity In the News

We are committed to addressing cybersecurity threats by proactively identifying potential gaps in your institution’s security policies and procedures and applying immediate remediation solutions. 

SECURE YOUR INSTITUTION AND MINIMIZE YOUR RISK

"Our relationship with CampusWorks initially fulfilled some IT needs, including our CIO. Over the years, it has developed as a partnership, which not only addresses IT needs but has a particular emphasis on business process and fulfilling niche needs. We look forward to continuing this relationship for many years."