top of page

Sobering Statistics

  • Security breaches have increased by 11% since 2018 and 67% since 2014. (Accenture)

  • Hackers attack every 39 seconds, on average 2,244 times a day. (University of Maryland)​

  • The average time to identify a breach in 2019 was 206 days. (IBM)

  • The average lifecycle of a break was 314 days (from breach to containment). (IBM)

Here are some sobering statistics that leaders of higher education institutions should consider:

The University of California at San Francisco (UCSF) School of Medicine recently paid hackers $1.14 million so the school could regain access to data that had been encrypted by malware. UCSF networks were attacked by Netwalker ransomware on June 1, and the attack was detected on June 3.


"The data that was encrypted is important to some of the academic work we pursue as a university serving the public good," UCSF said in a statement. "We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to encrypted data and the return of the data they obtained." 

In an interview with the New York Times, Kevin Morooney, the vice provost for information technology at Penn State University, said that on an average day, the university blocked more than 200 million hostile cyberattacks from around the world. 

That alarming number is not unique to Penn State. It demonstrates the need for all institutions of higher education-regardless of size-to ensure they have developed and implemented an up-to-date strategy to combat cybersecurity threats. 

Colleges and universities have unique challenges that other industry sectors may face:

  • Extensive and continually evolving user bases

  • The pressure to adopt new technology throughout the organization

  • Large volume of PII (Personally Identifiable Information)

  • Online storage of high-value intellectual property from research programs

  • Risks to reputation and student safety

  • Cultural norms within academia of openness and transparency

  • Reliance on an infrastructure of outdated legacy systems

The Valander Group can help. 

bottom of page