Data Security Is Everyone’s Responsibility
Recently I received a text from a number I didn’t recognize. It said, “Hey, are you still on your way?” Simple enough, right? Well, I knew instantly it was a scam. I would bet most of us have seen something like this before. I shook my head when I realized the message had arrived just a few days before the start of Cybersecurity Awareness Month in October.
Scammers exploit psychology. We may reply out of simple curiosity or because we don’t want to leave a stranger wondering why their message went unanswered. The moment we do, we've opened the door to a scammer.
As someone who has worked in technology for decades, I wasn’t surprised by the text. I also wasn’t fooled. But it reminds me: Cyber criminals don't have to be smart, just patient, and wait for us to let our guard down.
And that’s why cybersecurity is not just an “IT issue.” It’s an “us” issue.
Why Higher Education Is a Target
Universities hold a lot of valuable data: student records, research, financial information, payroll systems. Combine that with a constant influx of new students, faculty and staff every year, and you’ve got a place where attackers see opportunity.
Examples are everywhere. in the last several years, many universities faced ransomware attacks that shut down email, locked faculty out of research, and left students struggling to access coursework. Those incidents didn’t happen because of some high-tech, Hollywood-style hacking scheme, but more likely because someone clicked the wrong link.
Recent analysis highlights a troubling trend: ransomware attacks against schools, colleges, and universities increased by 23% in the first half of 2025 compared to the same period in 2024, according to Comparitech’s Ransomware Roundup: H1 2025 report. The study also found that the average ransom demand in those incidents was roughly $556,000, underscoring the growing financial risk facing higher education institutions (Comparitech, 2025).
What’s at Stake
If a student becomes a victim of a phishing scam it can mean identity theft, stolen financial aid dollars, or hacked social accounts.
For faculty and leaders at a university, it could mean stolen intellectual property or disrupted teaching and research.
And for the institution, the stakes are even higher: downtime, compliance risks, reputational harm, and, perhaps most importantly, a loss of trust.
That’s why, at WGU, cybersecurity is part of our culture, not a talking point.
The Human Factor
According to Verizon’s 2024 Data Breach Investigations Report, 68% of breaches involved a human element, from falling for a phishing or credential theft to simple misconfigurations, not with some elaborate Hollywood-style hacking scene, but with a single click.
- That means the strongest security we have is us.
- Pausing before clicking.
- Questioning an email that doesn’t feel right.
- Using strong, unique passwords (or a password manager).
- Taking advantage of multi factor authentication.
- Reporting suspicious activity instead of ignoring it.
Practicing good cybersecurity is a lot like washing your hands: it's simple, you should do it often and it prevents bigger problems from spreading. Our mission is to expand access and opportunity through education, and security is central to that mission. If we fail to protect our systems, we fail our students.
That is why we invest in strong identity systems, proactive monitoring and training across the institution. Security is built into our technological choices, not added as an afterthought.
Looking Ahead
The threat landscape will not slow down. That means we cannot either. At WGU, we are working on:
- Expanding multi factor authentication across the student and employee journey.
- Using real-time data monitoring to detect risks before they spread.
- Sharing best practices across higher education so all institutions can raise the bar.
The point is not only to defend against threats but to build trust. Every time a student logs in, they should feel confident their information is secure. Without that trust, we cannot deliver on our mission.
Cybersecurity is everyone’s responsibility. When you stay alert, when you take small protective steps, you help keep education open, accessible and secure for all.
