skip navigation

Justinfo Subscribe to Stay Informed

Add your conference to our Justice Events calendar


NCJRS Abstract


Subscribe to Stay Informed
Want to be in the know? JUSTINFO is a biweekly e-newsletter containing information about new publications, events, training, funding opportunities, and Web-based resources available from the NCJRS Federal sponsors. Sign up to get JUSTINFO in your inbox.

The document referenced below is part of the NCJRS Library collection.
To conduct further searches of the collection, visit the NCJRS Abstracts Database.

How to Obtain Documents
NCJ Number: NCJ 215953     Find in a Library
Title: Impact of Information Security in Academic Institutions on Public Safety and Security: Assessing the Impact and Developing Solutions for Policy and Practice
  Document URL: PDF 
  Dataset URL: DATASET 1
Author(s): Steffani A. Burd Ph.D.
Corporate Author: Columbia University Teachers College
United States of America
Date Published: 2006
Page Count: 264
  Annotation: This study assessed the state of information security in academic institutions and developed recommendations for policy and practice.
Abstract: The results suggest that academic institutions are developing a baseline level of information security. Over three-fourths of respondents reported increases in the number of attacks on their institutions compared to last year, including laptop thefts, copyright infringement, and denial of service attacks. Yet over half of the academic institutions did not employ a full-time information security officer or any full-time staff members dedicated to information security. Less than one-fourth of responding academic institutions had a formal information security policy in place. Responding institutions performed a variety of assessments over the past year, most frequently vulnerability assessments and audits. A broad range of security technologies have been utilized by responding agencies; the most commonly used technologies included anti-virus software, spam filtering, and perimeter firewalls. More than three-fourths of responding institutions considered themselves either “well prepared” or “somewhat prepared” to defend against a major information security incident. A “data-based roadmap” of practical recommendations for policy and practice were developed based on the findings. Six steps are recommended for achieving a baseline level of information security: (1) locate and classify information assets; (2) build awareness; (3) tighten security policies; (4) establish mandatory training; (5) automate and institute processes; and (6) empirically assess activity. The study design included a field survey entitled the Information Security in Academic Institutions Survey, which was completed by 72 information security professionals in academic institutions and open-ended interviews with 12 professionals. Additionally, two academic institutions provided network activity data. Future research should focus on quantifying the threat posed to public safety and security by academic institutions and should assess the types and volume of criminal activity occurring in academic institutions. Exhibits, endnotes, appendixes
Main Term(s): Schools ; Information Security
Index Term(s): Surveys ; Personal interviews ; NIJ grant-related documents
Sponsoring Agency: National Institute of Justice (NIJ)
US Department of Justice
Office of Justice Programs
United States of America
Grant Number: 2004-IJ-CX-0045
Sale Source: National Institute of Justice/NCJRS
Box 6000
Rockville, MD 20849
United States of America
Type: Report (Study/Research)
Country: United States of America
Language: English
  To cite this abstract, use the following link:

* A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's web site is provided.