Cybersecurity leadership for institutions of higher education

Abstract

Research continues reporting an increase of cyber-attacks deployed against institutions of higher education. Unauthorized access to known vulnerabilities in software applications, institutions of higher education rely on, is providing external attackers ease of entrance points to access personal information assets. Information assets obtained enable external attackers to sell this information on the Dark Web, where anyone can purchase American Express, Visa, and Master Card details with CVV from the back of credit cards, as well as login and password information, expiration dates, mother’s maiden name, and so on. Thus, utilizing qualitative grounded theory lite research enables the researcher’s research study to be valid and significant. The researcher seeks to answer the question regarding why ineffective cybersecurity leadership advocates an attitude of tolerance for ineffective training and non-compliance. The researcher also desires to understand how to define improved cybersecurity and information security policy, institutions of higher education can rely on. As well as answer the question regarding what the best resolution is to decrease human error among executive leadership, administrators, faculty, and staff at institutions of higher education. After all, research proves human error is a leading cause of cyberattacks, particularly when institutions of higher education, information systems, technology, and/or cloud practitioners (ISTC) neglect to design effective training and technology usage policy. Thus, this research delivers a resolution supporting institutions of higher education need for increased cybersecurity leadership, delivered through an introduction, literature review, discussion, method of research, results, recommendations, and conclusion.