ANAHEIM, Calif. — For the second time in a row, information security remains the top IT issue that higher education leaders will need to grapple with next year, as the annual Educause Top 10 list reveals.
In January, Educause will come out with its full report on the top 10 higher ed IT issues that leaders face, but following tradition, the association's leaders shared the list with the approximately 4,200 higher education leaders who are attending its annual conference in Anaheim, Calif., this week so they can plan ahead for next year.
Information security regularly appears on this annual list, but last year it took the top spot for the first time. As the Verizon 2016 Data Breach Investigation Report reveals, attackers scored 254 confirmed breaches last year against education institutions worldwide. That's compared to the 2,260 breaches that the report analyzed across industries, many of which hit the accommodation and retail industries.
Hacking, malware and phishing easily make up the top three threats, and phishing represents the biggest problem for universities, said Susan Grajek, Educause's vice president for data, research and analytics. About a third of potential victims opened deceptive emails that look like they're from a trusted person, but include a malicious link or attachment — up by 23 percent over the previous year, according to the Verizon report.
"It’s really hard to get on top of that because that’s a matter of every single constituent always being sharp and on their toes," Grajek noted.
|1. Evolving staffing models||1. Information security||1. Information security|
|2. Optimizing technology in teaching and learning||2. Optimizing educational technology||2. Student success and completion|
|3. Funding IT strategically||3. Student success technologies||3. Data-informed decision-making|
|4. Improving student outcomes||4. IT workforce||4. Strategic leadership|
|5. Demonstrating IT's value||5. Institutional data management||5. Sustainable funding|
|6. Increasing capacity for change||6. IT funding models||6. Data management and governance|
|7. Providing user support||7. Business intelligence and analytics||7. Higher education affordability|
|8. Developing security policies for the institution||8. Enterprise application integrations||8. Sustainable staffing|
|9. Developing enterprise IT architecture||9. IT organizational development||9. Next-gen enterprise IT|
|10. Balancing information security and openness||10. E-learning and online education||10. Digital transformation of learning|
That said, IT leaders will need to figure out how to put together a cohesive plan that helps reduce their institution's risk of losing the information security war.
While information security took the top spot, three other issues made the list for the first time: Strategic leadership, higher education affordability and next-gen enterprise IT. Now more than ever, higher education IT leaders have a responsibility to work across their universities in a leadership role to help shape and carry out strategic priorities including the main business of universities: Graduating students who are well prepared for careers and life.
Gone are the days when IT leaders just made sure technology ran smoothly. Now the entire university needs IT to do everything from keeping the Internet up to providing data analytics tools that faculty and advisers can use to help students continue moving along the path to graduation.
"You can’t advance institutional strategy without IT anymore; you just can’t do it,” Grajek said.
Regardless of the IT topic on this year's list, each of the Educause panelists who came up with these issues tied them all back to student success. That reflects their institutional priorities from the president and provost downward, she said, along with attention from the media.
Their challenge now is to become strategic partners with other university leaders and to use data and predictive analytics to help students succeed. Student success and strategic leadership priorities go hand in hand as universities push everyone to focus on helping students.
"Everybody’s talking about student success, and CIOs get it," Grajek said. "They really understand that what they’re doing in IT relates to student success.”
Now it's a matter of them teaching other university leaders about how they can contribute strategically, she added, and also learning themselves about what data the university needs and what's working well for faculty, students and advisers.
Part of that strategic partnership includes making decisions about enterprise technology that will be cost-effective, scalable and flexible. This next-gen enterprise IT priority falls toward the bottom of the list, but is still important because today's enterprise resource planning systems can't handle the data tasks that universities demand of them. At the same time, newer cloud-based systems come with their own set of challenges. Grajek likened the situation with the university and these systems to a child going through a growth spurt whose current shoes are too small, but who is swimming in the next size up.
Universities aren't convinced that one giant system will meet all their needs for the future, and they're going to need to learn the lessons from enterprise resource planning systems so they don't repeat the same mistakes — such as heavily customizing their systems, which costs extra time and money. It also takes a lot of work to make existing infrastructure and cloud-based systems fit together.
"It’s one thing to say we’re not going to customize," Grajek said, "and it’s another thing to get all the constituents to agree that they won’t do it."
Sustainability came up as a key word throughout this list, including a sustainable workforce. A lot of these changes will take plenty of effort from IT leaders at a time when they could get much higher salaries elsewhere with more flexibility to work remotely or adjust their schedule to take care of kids.
"We’re training students to get wonderful jobs, including in our industry," Grajek said, "so why should our well be dry?”