https://library.educause.edu/topics/cybersecurity/incident-management-and-responseen{3DD1812D-6927-47C8-92F0-675D782A3EB4}https://library.educause.edu/resources/2025/7/educause-comments-updated-concerns-about-proposed-circia-regulationsEDUCAUSE sent a letter to the acting director of CISA in June 2025 that highlights the concerns that we raised about the proposed CIRCIA regulations in 2024 and discusses how Trump administration directives reinforce our conclusion that higher education institutions should not be considered covered entities under the final rules, whenever they are released.Thu, 31 Jul 2025 20:06:53 Z{98BF8D9F-57CD-47A8-81D3-F8B35D6D8DF8}https://library.educause.edu/resources/2025/3/2025-horizon-action-plan-supporting-agency-trust-transparency-and-involvementThis report describes how advancing the future of higher education cybersecurity and privacy will be done by supporting agency, trust, transparency, and involvement among stakeholders.Thu, 13 Mar 2025 17:09:12 Z{83C07445-216E-4A6C-AD6C-8838FD21B272}https://library.educause.edu/resources/2024/8/abstract-business-continuity-and-disaster-recovery-toolkitUse the guidance and templates in this toolkit to prepare for disruptive events before they happen.Thu, 15 Aug 2024 19:34:16 Z{FFE47D4F-2DA6-4B85-A979-0C546A57A3DC}https://library.educause.edu/resources/2024/2/educause-comments-far-cyber-incident-reportingOn February 2, 2024, EDUCAUSE was joined by COGR and the Association of American Universities (AAU) in submitting comments on proposed changes to the Federal Acquisition Regulation (FAR) that could impose cyber incident reporting and software bill of materials (SBOM) development/maintenance obligations on all federal contractors, including colleges and universities. Mon, 19 Feb 2024 17:29:33 Z{30E76C51-2E8F-4D9C-85DF-82611FBDA45D}https://library.educause.edu/resources/2021/11/arctic-ews-research-paperThis is a joint research project of Arctic Security and EDUCAUSE, The goal was to establish the utility of external cybersecurity monitoring for higher education, and to identify services that could be made easily accessible and boost the cyber defenses of the association’s members. Mon, 08 Nov 2021 19:07:53 Z{573E2118-CFFA-4728-9554-64F12C5CC75A}https://library.educause.edu/resources/2021/2/2021-educause-horizon-report-information-security-editionThe 2021 EDUCAUSE Horizon Report profiles key trends and emerging technologies and practices shaping the future of information security, and envisions a number of scenarios and implications for that future.Wed, 05 Jul 2023 16:33:24 Z{512D6924-F110-4105-9DB2-F38ED22124F8}https://library.educause.edu/resources/2020/8/campus-security-awareness-blogs-2020These 12 EDUCAUSE Review Security Matters column blog posts are part of the 2020 Campus Security Awareness Campaign.Thu, 20 Aug 2020 20:28:39 Z{A38DD181-3E92-4B1A-A940-263DC4E4ECEF}https://library.educause.edu/resources/2019/10/national-student-clearinghouse-playbooksThe National Student Clearinghouse has created incident response playbooks with suggested processes that colleges and universities can follow. Fri, 04 Oct 2019 19:23:36 Z{E9E679E0-B28C-4635-9B4C-91DEBE28E64C}https://library.educause.edu/resources/2019/6/security-operations-center-soc-case-studyHigher education institutions are beginning to organize operational security into security operations centers to monitor and respond to security incidents as a means to improve efficiency.Wed, 29 May 2019 15:09:16 Z{CF16CCB3-A1CA-460E-A75C-973ED6262453}https://library.educause.edu/resources/2018/10/why-cybersecurity-matters-and-what-registrars-enrollment-managers-and-higher-education-should-doThe purpose of this white paper, jointly written by the National Student Clearinghouse, EDUCAUSE and REN-ISAC, is to build upon registrars’, enrollment managers’, IT’s and higher education’s day-to-day, nationwide dialog around cybersecurity and vulnerabilities.Fri, 28 Sep 2018 21:00:13 Z{F1B94464-ED47-4691-BF01-1F51CC2DE181}https://library.educause.edu/resources/2017/4/2017-trends-and-technologies-security-identity-privacy-and-grcThis report covers the 20 technologies and 9 trends included in the security, identity, privacy, and GRC (governance, risk, and compliance) domain.Wed, 05 Apr 2017 19:04:02 Z{7C946335-E94F-402F-AC82-888F7F15B932}https://library.educause.edu/resources/2017/2/searching-for-a-smoking-gun-chasing-a-silver-bullet-data-breaches-in-higher-educationThe EDUCAUSE Center for Analysis and Research (ECAR) published its first look at data breaches in higher education in 2014. Our current research looks at whether any factors increase or decrease the likelihood of a higher education data breach. Is there a smoking gun, something found in every higher education data breach? And, conversely, is there a silver bullet—a control or controls that higher education institutions can employ to prevent data breaches?Tue, 14 Feb 2017 19:36:15 Z{DB6A5799-D966-48F4-A85F-67DED33C1D01}https://library.educause.edu/resources/2016/10/top-attack-techniques-top-human-risks-and-how-to-create-a-cyberaware-cultureWhat are the scariest new attack techniques in 2016? What are the top human risks organizations are currently facing? Join the head of the Internet Storm Center and the director of SANS Securing The Human to discover how you can prepare for threats posed by technologies and people, and leverage that knowledge to create a more "cyberaware" culture on campus.Fri, 07 Oct 2016 21:50:59 Z{D162115B-8A3D-4567-9986-F1B9B2ABA07E}https://library.educause.edu/resources/2016/9/splunkSplunk is a log management, search, correlation, and data visualization tool. More institutions are starting to use this type of predictive analytics tool to better understand the large amounts of machine (i.e., log) data being generated across the institution. Better analyzing this data means that more informed business decisions can be made across the institution.Thu, 08 Sep 2016 23:00:05 Z{08C15277-6FA1-4295-A42C-F85E63E045FD}https://library.educause.edu/resources/2016/6/top-10-steps-to-manage-it-security-in-todays-worldEDUCAUSE Live! Webinar on managing cybersecurity in higher education.Fri, 24 Jun 2016 17:33:24 Z{DB7AB5CE-27DB-4416-BA34-6749EE32DB07}https://library.educause.edu/resources/2015/9/brandeis-university-2015-disaster-recovery-tabletop-exercise-plan-explanAll organizations experience unexpected and unwanted disruptions to their day-to-day operations. Too often organizations view an IT emergency as something solely handled by their IT unit.Tue, 22 Dec 2015 17:37:58 Z{BCA28761-3111-4B2B-B71B-E7AF12628B74}https://library.educause.edu/resources/2013/11/reporting-electronic-security-incidentsThis policy is in regards to users of information technology devices connected to the Cornell network, who must report all electronic security incidents promptly and to the appropriate party or office.Tue, 22 Dec 2015 17:35:18 Z{99C269B2-67D4-4FCD-81AA-3ED4CCA89421}https://library.educause.edu/resources/2011/5/catch-a-clue-from-an-edu-universities-that-get-security-rightIn these days of consumer gadgets and mobile access, corporations can learn a lot from how universities deploy multiple layers of security.Tue, 22 Dec 2015 17:28:06 Z{0C896FE6-8B8D-412E-9EC0-3DA04CC968F8}https://library.educause.edu/resources/2010/8/be-preparedThe first rule of incident management is to accept that you will have an incident. Use these five best practices to get your institution ready.Tue, 22 Dec 2015 17:24:45 Z{29EE87A3-E057-455D-96B2-08EED3A11D76}https://library.educause.edu/resources/2024/7/cyber-incident-reporting-for-critical-infrastructure-act--circia-reporting-requirementsOn July 1, 2024, EDUCAUSE joined with the American Association of Collegiate Registrars and Admissions Officers (AACRAO), the Association of American Universities (AAU), the Association of Governing Boards of Universities and Colleges (AGB), the Association of Public and Land-grant Universities (APLU), and the National Association of Independent Colleges and Universities (NAICU) to submit comments regarding the reporting requirements proposed by the Cybersecurity and Infrastructure Security Agency (CISA) under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA).Mon, 01 Jul 2024 19:51:43 Z