Tracing back to the roots of higher education in early 20th century America, brand reputation has always been at the core. As a new order of competition, specialization and word of mouth has emerged, the importance of university prestige has only solidified further. Now more than ever, making the headlines of evening newspapers, online forums or trending tweets due to a data breach is a daunting possibility, and it can certainly hurt you. We know that students, alumni, trustees and employees place trust at the center of their decision to associate, donate or attend. But more importantly, what will they do if they catch wind that their university has been breached with their personal and payment data at stake? Let’s find out.
Things have changed
Believe it or not, the ‘what’ and ‘how important’ of reputational risk for universities is changing by the minute. Although the past few years have accentuated business model, sexual assault, academic programs and student behavior, today is a new day and future threats to a university’s reputation are evolving. Going forward, the ones that make the top of the list include business models (enrollment trends, fiscal management, staffing levels, tuition management) and cybersecurity. If this isn’t alarming enough, consider a 2017 survey with respondents from 145 universities (trustee chairs, presidents, chief financial officers and other senior administrators), in which only 26% believed their institutions’ responses to reputational risk are consistently proactive, with 54% admitting they don’t have the ability to withstand a major reputational risk event. 54%!
The truth will prevail
Imagine the embarrassment of having to explain a preventable incident to your stakeholders, ranging from students and alumni to parents and trustees. Not fun right? Since reporting requirements emphasize credit-card, healthcare or personal information, it is impossible for a university data breach to stay out of the headlines. It all boils down to a simple statement by Timothy P. Ryan, managing director of the cyber-investigations practice at Kroll Inc. and former FBI agent: “for the same reason schools want winning sports teams, they don’t want to be that school that is constantly getting breached”.
Don’t count on apathy
As is the case with any perception-based measure, reputational costs are certainly real, yet difficult to pinpoint or quantify. Cynthia J. LaRose, an attorney at Mintz Levin who advises colleges on data breach compliance and response, describes the dilemma as “much harder for institutions of higher ed to quantify than it is for retailers, because retailers can see it in their stock price, they can see it in their sales.” For universities, however, reputational damage takes the form of a slow, steady burn that threatens to corrode decades of hard-earned status. Sprinkle this in with what we know about the increasing costs and containment periods of university data breaches, and the consequences can be quite unforgiving. Plus there’s the question of whether or not your institution is the best place to learn about business and computer science if it can’t protect itself.
Reasons to believe
Give everyone on and off campus a reason to believe in you. Learn how partnering up with us can preserve your university’s reputation while maintaining bottom-line profits, student satisfaction, and security.