Strengthening Cybersecurity in Higher Education: A Collective Approach to Safeguarding Research and Learning

Ransomware attacks on colleges and universities increased 23% in the first half of 2025. In 2023, confirmed incidents surged 70% compared to 2022, indicating that higher education is a primary target.

When attackers disable learning management systems or exfiltrate years of research data, academic operations halt, research progress stalls, and student confidence declines.

The FBI warns that foreign nation-states and sophisticated threat actors view university research as a shortcut to strategic advantage. Each stolen dataset undermines national competitiveness and academic freedom. Insider threats and supply chain vulnerabilities further elevate risk.

No single campus can match the speed or scale of today’s adversaries. Federal agencies urge institutions to participate in vetted information-sharing communities, conduct joint tabletop exercises, and implement rapid response based on shared threat intelligence. Integration of automated detection and response tools enhances this collective defense.

In my engagement work at the REN-ISAC, I build trust and encourage active participation, connecting members and stakeholders to a shared mission through clear collaboration and responsive communication. This strengthens the community’s resilience and accelerates incident response.

Actions leaders should prioritize now:

1. Map critical student and research workflows to identify vulnerabilities, and enforce multi-factor authentication across all access points.
2. Join vetted information-sharing organizations to receive timely threat indicators and peer support.
3. Conduct comprehensive tabletop exercises simulating double extortion ransomware targeting administrative and research systems to test preparedness.
4. Invest in cyber workforce development and retention, recognizing that collective intelligence amplifies limited staff capacity.
5. Implement continuous patch management and deploy endpoint detection and response (EDR) solutions as foundational controls.
6. Foster a security-aware culture that prioritizes vigilance and rapid reporting at all organizational levels.

Knowledge and innovation depend on a secure foundation. Sustained commitment to collective defense and proactive leadership will ensure learning and research continue uninterrupted.