Information Security in Higher Education Institutions: A Systematic Literature Review

Abstract

Information security in institutions of higher learning continues to be a concern. This is substantiated by the many security-related incidents that have occurred in these institutions over the past decade. In this study, we expound on the vulnerabilities and threats faced by higher education institutions and identify the information security measures that can be adopted to ensure safety. The study identifies insiders, poorly implemented information security frameworks, decentralized networks, Bring Your Own Device (BYOD), and a lack of investment in information security in HEI as the highest vulnerabilities. Accordingly, the study identifies social engineering attacks, distributed denial of service attacks, malware, and insider threats as potential threats and attacks on information in HEI. Furthermore, the findings of this study suggest multi-faceted information security measures encompassing technological, organizational, environmental, and human measures to ensure information security protection in HEI. The study identifies gaps for areas of further research.

Keywords: Information Security, Information Security Measures, Information Security Behavior, Higher Education Institutions, Vulnerabilities, Threats, Risk