CUCCIO

Cybersecurity Benchmarking Service

The CUCCIO Cybersecurity Benchmarking Service is designed to identify and promote the use of effective security practices in the higher-education sector. The project is open to all Canadian colleges and universities. The benchmarking process includes gathering information from a cybersecurity rating service, from online surveys, and from online discussions. Participating institutions receive one year of forensics data, performance scores for measures such as out-of-date server software and botnet infection levels, and their overall rating. Survey data is collected on the use of multi-factor authentication, simulated phishing campaigns for user education, vulnerability management practices, automated or manual responses to system compromises, and other areas of interest. Survey results are compared to ratings and scores.

Botnet infections example

The chart below shows the botnet infection score for 40 universities. In this chart, the universities are arranged from left to right, from the smallest primarily undergraduate institutions to large research-intensive universities. Botnet scores generally decline with the size of the institution due to the increasing number of infected student-owned devices on wireless and residence networks.

Botnet infection scores for 40 universities - higher is better

There was a correlation between higher scores (fewer detected infections) and the combined use of next-generation firewalls and DNS firewalls to block command-and-control traffic from infected devices. This led some institutions both to put DNS firewalls in place and to make more effective use of their existing firewalls.

A final report, with recommendations, is provided to all participants. 

The service began in 2018 with 40 universities. By 2023, the service had grown to include 175 colleges, universities and research organizations. To date, the benchmarking service has focused on two broad areas of interest: best practices for protecting people and for protecting systems. In recent years, the benchmarking service has also expanded to provide a continuous monitoring security feed for each participating organization and a third-party assessment feature.

For more information on this project, please contact Brian Lesser at blesser@ryerson.ca