CYBER SECURITY STRATEGIES FOR HIGHER EDUCATION INSTITUTIONS

Due to the large volume of data they manage, Higher Education Institutions (HEIs) are perfect targets for cyber attackers. University networks are open in design, decentralized and multi-user, making them vulnerable to cyber-attacks. The purpose of this research paper was to identify which is the recommended cyber security strategy and how comprehensive are these studies, within HEIs. The method proposed by Kitchenham was used, focused on the information community. Thus, the following results can be communicated: researchers recommend their own security strategies, because the standards analysed in the papers are not oriented on HEIs, and require important adjustments to be implemented. Most scientific papers do not describe risk management process. The implementation phases are also insufficiently analysed. The functions that the strategy addressed by HEIs should fulfill include identification, protection and detection. The validation methods used in the preimplementation and post-implementation phases are case studies and surveys. Most researchers recommend as final cyber security strategy IT Governance and security policies. The field of research has proved to be very interesting, the researches could contribute to the creation of a comprehensive cybersecurity strategy, focused on the specifics of HEIs, efficient, easy to implement and cost-effective