Sobering Statistics

  • Security breaches have increased by 11% since 2018 and 67% since 2014. (Accenture)

  • Hackers attack every 39 seconds, on average 2,244 times a day. (University of Maryland)​

  • The average time to identify a breach in 2019 was 206 days. (IBM)

  • The average lifecycle of a break was 314 days (from breach to containment). (IBM)

Here are some sobering statistics that leaders of higher education institutions should consider:

The University of California at San Francisco (UCSF) School of Medicine recently paid hackers $1.14 million so the school could regain access to data that had been encrypted by malware. UCSF networks were attacked by Netwalker ransomware on June 1, and the attack was detected on June 3.


"The data that was encrypted is important to some of the academic work we pursue as a university serving the public good," UCSF said in a statement. "We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to encrypted data and the return of the data they obtained." 

In an interview with the New York Times, Kevin Morooney, the vice provost for information technology at Penn State University, said that on an average day, the university blocked more than 200 million hostile cyberattacks from around the world. 

That alarming number is not unique to Penn State. It demonstrates the need for all institutions of higher education-regardless of size-to ensure they have developed and implemented an up-to-date strategy to combat cybersecurity threats. 

Colleges and universities have unique challenges that other industry sectors may face:

  • Extensive and continually evolving user bases

  • The pressure to adopt new technology throughout the organization

  • Large volume of PII (Personally Identifiable Information)

  • Online storage of high-value intellectual property from research programs

  • Risks to reputation and student safety

  • Cultural norms within academia of openness and transparency

  • Reliance on an infrastructure of outdated legacy systems

The Valander Group can help. 

  • A Vulnerability Assessment is the "first phase" of a Penetration Test in many ways but has key differences. Its intended purpose is to identify vulnerabilities and weaknesses in the security perimeter of your organization and its assets. 

  • Using a multi-tiered approach, our consultants identify vulnerabilities by combining hardware and software-based tools, applications, and manual investigations. 

Vulnerability Assessment

Penetration Testing

  • To ensure confidentiality, integrity, and availability of your resources, vulnerability, and penetration testing is a must. If you do not know your systems' weaknesses, bad actors, can and will find them, and your world will change in the blink of an eye. 

  • A Penetration Test determines the efficacy of an organization's security controls.

  • Our experts simulate a comprehensive "real world" scenario, emulating the methods and attacks a malicious party would attempt against an organization

Cloud infrastructure

  • We are AWS experts

  • Cloud computing is faster, less expensive, and more secure. Deploy resources in minutes rather than weeks. Take advantage of servers across the globe to ensure uptime and minimize opportunity loss.

  • Allow your employees to work from home easily and effective. 

  • Easily set up a disaster recovery plan that includes worldwide resources.

  • Allow Valander to monitor your AWS network to ensure confidentiality, availability, and integrity.

  • Cloud computing is easier, cheaper, more secure, and faster than onsite or local data centers. Allow us to show you how.