Oracle Information InDepth



Stay Connected

Oracle on Facebook Oracle on Twitter Oracle on LinkedIn Oracle on Youtube

July 2014

Subcribe Subscribe Forward Forward

Back to the main page

Higher Education Is the Latest High-Value Target for International Cybercriminals

As massive data breaches at multiple US universities this year have proved, higher education institutions everywhere are becoming prime targets for cybercriminals.

Reasons for the targeting include the open, collaborative sharing and decentralized ecosystems that are characteristic of colleges and universities. The internal systems at colleges and research institutions contain personal financial information, intellectual property, and years of research results that are prized by thieves and nation states.

In fact, cybercriminals are specifically targeting colleges and universities. "Colleges and universities are experiencing millions of hacking attempts into information systems weekly," says Erica Daniel, Oracle director of industry solutions. "The impact of a data breach is not only financial but reputational, and can affect the competitiveness of an institution. Cybersecurity is no longer purely an IT issue but must be seen as a business issue as well."

Daniel is part of a steering committee in which industry experts discuss cybersecurity threats to higher education. The committee convened at an Oracle Industry Strategy Council meeting in Washington DC in June 2014.

Schools may endure a variety of consequences in the aftermath of a cyberattack, she says. Stolen social security numbers, bank account information, and passwords of students and faculty may lead to significant financial losses. In addition, if a school is seen as being unable to protect personal information it may be harder to attract new students. And a breach of valuable research findings could result in competitive damages as well as national security risks.

Modern Security Strategies
Today's cybercriminals are highly sophisticated and may have been commissioned by foreign governments, Daniel says. To counter these attacks, colleges and universities must develop holistic approaches to cybersecurity that go beyond the IT department to include faculty, administrators, and business department managers, she adds.

How else can institutions better defend themselves? "The National Institute of Standards and Technology (NIST) employs the best and brightest minds around when it comes to developing security standards. NIST's special publications for security provide comprehensive controls for protecting against threats to government services, citizen data, and national infrastructure such as power grids and water supplies. I think those security challenges are analogous to what we're seeing in higher education," says Daniel.

Oracle helps public sector organizations, including those in higher education, by designing its technology stack to conform to applicable NIST specifications, in many cases working with NIST to certify security tools to existing standards. This includes Oracle's engineered systems. That design focus gives IT managers greater visibility throughout the entire stack to detect anomalous activity. Management tools within engineered systems, such as Oracle Enterprise Manager, offer visibility into performance that can help IT managers spot anomalies.

New threats from widespread use of mobile applications is another important risk for modern security strategies to address. Oracle Mobile Security Suite gives IT managers a way to create secure containers to protect sensitive information on mobile devices.

Another focus area is the valuable security information institutions routinely collect in audit logs. Oracle Audit Vault and Database Firewall enables IT managers to perform detailed audits to help identify risks. For example, if someone attempts and fails multiple times to log into a database, the solution sends off a proactive alert. It also protects audit logs against tampering.

Learn more about Oracle security solutions for the public sector and the full breadth of Oracle security solutions, including Oracle solutions for mobile security.

To regularly receive more information about Oracle security solutions, subscribe to the free Oracle Security Inside Out newsletter.

Back to Top

Please send questions or comments to

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

  Hardware and Software, Engineered to Work Together

Contact Us | Legal Notices and Terms of Use | Privacy

Oracle Corporation


Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States

Your privacy is important to us. You can login to your account to update your e-mail subscriptions or you can opt-out of all Oracle Marketing e-mails at any time.

Please note that opting-out of Marketing communications does not affect your receipt of important business communications related to your current relationship with Oracle such as Security Updates, Event Registration notices, Account Management and Support/Service communications.