Opinion: Higher-Ed Cybersecurity Insights for 2026
Opinion: Higher-Ed Cybersecurity Insights for 2026
https://www.govtech.com/education/higher-ed/opinion-higher-ed-cybersecurity-insights-for-2026
Publish Date: 2026-07-14 19:28:00
Source Domain: www.govtech.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
Understanding and keeping a keen eye out for trends in cybersecurity in 2026 might seem as time consuming as providing daily 24/7 help-desk support, but it’s important to try. This is true in the corporate environment, but equally important in higher education. It’s also helpful to consider what the next five years might look like based on current predictions. This month, I’m looking at trends in the business market and cybersecurity threats to provide some future guidance on the needs of higher education.BUSINESS INSIGHTSThe need to invest in cybersecurity hardware, software and monitoring tools is destined to continue for some time. According to the San Francisco-based business-consulting firm Grand View Research, “The global cybersecurity market size was valued at $271.9 billion in 2025 and is projected to grow from $302 billion in 2026 to $663.2 billion by 2033, at a compound annual growth rate of 11.9 percent from 2026 to 2033.” North America accounted for nearly 38 percent of the market share in 2025. The upward trajectory of cybersecurity has been phenomenal, and the increased use and integration of AI has been good for the industry, but bad actors generated significant dangers at the same time. People have been buying a lot of cybersecurity stocks, providing important capital and investments worldwide. Businesses and educational partners use their products and services every day. Some of these top names include Palo Alto Networks [PANW], Fortinet [FTNT], CrowdStrike [CRWD], Zscaler [ZD] and Okta [OKTA]. Financial experts are predicting that cybersecurity stocks will rise in the second half of 2026, particularly with the increased demand for AI integration in cloud computing, identity management and other AI-centric cyber toolsets. As cyber criminals turn to AI for nefarious purposes, institutions are putting more emphasis on AI applications to counter more sophisticated attacks and plug vulnerabilities.WHAT’S CHANGING FOR HIGHER EDColleges and universities are facing an ever-increasing onslaught and widening variety of cybersecurity challenges. Less than a decade ago, cyber experts were concerned about the rapid expansion of cloud computing, the increase in ransomware, and the challenges of managing remote-work environments and devices.While experts saw the growth of AI, many did not truly appreciate the speed of adoption and utilization across disciplines, for either good or bad outcomes. Traditionally there has been great focus on such threats as ransomware, phishing, data breaches and DDoS attacks, as well as the challenges of managing the risks of IoT and BYOD. In addition, higher education has been dealing with an epidemic of ghost students, or fraudulent applicants who can disrupt enrollment processes, financial aid, federal education grants and cloud data storage.What is changing today is the sheer acceleration of AI to implement defensive tools and strategies, while cyber attackers quickly counter these with their own weaponized, destructive playbook. Their intent is to bypass cyber safeguards and detection processes. A 2025 post on the cybersecurity company Seceon’s website lists a variety of strategies on how bad actors can use AI to outsmart cyber defenses, including AI-enhanced phishing attacks, AI-powered malware, deepfake-based social engineering schemes, and using AI to speed up traditional brute-force attacks. On its own list of this year’s top security concerns, the cybersecurity company SentinelOne cites data and model poisoning, privacy leakage, evasion attacks and hardware vulnerabilities.Another concern taking on increased significance is the risk of third-party IT vendors and suppliers. These situations can cause financial losses, a disruption of operational services and potential compliance violations, which can cause direct legal action or affect an institution’s ability to obtain cyber insurance. While this risk has been identified for some time, it has taken on additional significance in recent years. This problem can occur when an intruder gains a backdoor entrance into an institution’s data network by distributing malware or compromising a trusted vendor’s software. If that vendor has unmonitored access to an IT network, this can cause catastrophic consequences.HOW CAN HIGHER ED RESPOND?An important tool and strategy being promoted is “collaborative cybersecurity.” This was No. 1 on last fall’s EDUCAUSE Top 10 IT Issues list and is described as “building a cybersecurity culture of shared responsibility, end-user training, and improved access to security services and supports.” This concept proposes shared responsibility throughout the campus including faculty, staff, students and administration.Collaborative cybersecurity stresses the importance of managing and working together through change management, involving both academic and business leaders, and continual engagement in cyber awareness and training. Collaborative cybersecurity aims to break down silos, and in so doing has the potential to reduce costs and improve the necessary response times to mitigate cyber attacks and breaches.Collaborative ecosystems help to improve campuswide adoption particularly given the reality of resistant groups and individuals. This collaboration does not happen overnight. Campus leaders must be directly engaged in the process, and having an administrative campus cheerleader who works in tandem with the IT team is an important element. Clear and consistent communications are also essential. As Cyberpro Magazine pointed out in 2024, “An integrated approach involves embedding security considerations at every stage of the development lifecycle. Adopting a ‘shift left’ strategy — where security is incorporated early in the development process — ensures both teams share context, goals and tools. Using developer-friendly security tools can minimize unnecessary alerts, streamline workflows and provide actionable feedback.”THE FUTURE OF DATA SECURITYWhile it’s difficult to precisely predict the future of cybersecurity for higher education, there are some clues that can provide a helpful road map. It is extremely likely higher education will increasingly be seen by cyber criminals as a valuable target, and not just for extracting personal data. Colleges and universities also have a wealth of valuable research to protect. For example, cyber attackers are now utilizing a technique of double-extortion ransomware. As the cybersecurity company Palo Alto Networks warns, “double extortion ransomware adds a second layer to the cyber attack involving the ransomware operator exfiltrating files and threatening to publicly release the victim’s data unless the ransom is paid. The added threat increases the pressure on the victim to pay the ransom quickly and makes it more difficult for them to refuse to pay.” Another danger is “triple extortion,” in which an attacker makes ransom threats to third-party associates tied to the institution.All of this will require colleges and universities to work internally across departments, externally with other institutions, and with trusted vendors to continually monitor cyber trends, threats and defenses. As I’ve written before, cybersecurity is not a one-and-done proposition. It’s a full-time, 24/7 investment of people, time and resources, and that’s not likely to change any time soon.
Jim Jorstad is Senior Fellow for the Center for Digital Education and the Center for Digital Government. He is a retired emeritus interim CIO and Cyber Security Designee for the Chancellor’s Office at the University of Wisconsin-La Crosse. He served in leadership roles as director of IT client services, academic technologies and media services, providing services to over 1,500 staff and 10,000 students. Jim has experience in IT operations, teaching and learning, and social media strategy. His work has appeared on CNN, MSNBC, Forbes and NPR, and he is a recipient of the 2013 CNN iReport Spirit Award. Jim is an EDUCAUSE Leading Change Fellow and was chosen as one of the Top 30 Media Producers in the U.S.
See More Stories by Jim A. Jorstad