Today's higher education institutions struggle with balancing cybersecurity and data privacy, two distinct yet linked pillars of the digital age. Privacy and cybersecurity are both crucial in protecting sensitive research data, student information, and institutional reputation. However, they frequently have opposing priorities and occasionally clash.
Defining Cybersecurity and Privacy
Cybersecurity is the protection of institutional systems, networks, and data against unauthorized access and cyber-attacks. This includes use of technical safety tools like firewalls, encryption, and monitoring, as well as reaction processes. In contrast, privacy focuses on how personal information is acquired, used, shared, and protected. It highlights the importance of individual rights and regulatory compliance.
While both domains frequently overlap on shared goals, their approaches to achieving these goals differ significantly. Cybersecurity teams prioritize threat detection and containment, whereas privacy teams focus on data acquisition limits, role-based access, and responsible use.
Where Conflicts Arise
Despite sharing similar goals, sometimes the two functions can clash. For example, in a particular case, cybersecurity may resort to increased user monitoring to detect threats, while privacy experts may raise concerns about this surveillance and over-collection of data. One domain prioritizes visibility and control; the other emphasizes consent and minimalism.
In many institutions, cybersecurity and privacy are a part of different departments - IT and legal or compliance which can often lead to disagreements. Without coordination, one group’s solution can undermine the other’s principles. This divide in the organization can also result in resource imbalances, with the privacy domain often receiving less staffing or budget than cybersecurity, hindering potential collaboration efforts.
A Shift Toward Collaboration
Many colleges and universities are now looking into governance frameworks that ensure cybersecurity and privacy go hand in hand. Some keep the two teams separate but interconnected, like multiple teams working together on common issues. Others are experimenting with integrated roles or cross-functional committees to ensure effective cooperation.
Institutions that encourage collaboration between these two groups are likely better equipped to respond to shifting threats while maintaining trust and transparency with stakeholders.
How myLaminin Bridges the Gap
myLaminin provides a cloud platform for research institutions to coordinate their cybersecurity and privacy activities. It provides features like data encryption, role-based access restrictions, PHI data management, integrated eSignature agreement management, audit trails, data retention capabilities, and compliance with regulatory standards that offer security while maintaining privacy requirements.
By providing an integrated platform for Principal Investigators (PIs), their extended teams, Research Legal Services, Research Ethics Boards, Research Librarians, and IT, myLaminin streamlines operations, and ensures that sensitive research and personal data are only available to authorized users. Its' built-in activity tracking enables institutions to monitor security events and promote data access transparency, making it easier to meet compliance requirements while maintaining privacy. It also helps institutions to align with the regulatory requirements.
Conclusion
In today's complicated data landscape, it would be myopic to see cybersecurity and privacy as opposed forces. For better results, institutions must recognize their shared obligation to secure not only their systems but also the people and data that power them. With a systematic approach and help from platforms such as myLaminin, higher education may make significant progress by balancing cybersecurity and privacy.
References:
Frontiers | Building our research administrator workforce as our clinical and translational research programs become increasingly complex
__________________________________
Pranati Rawat (article author) is a myLaminin intern and studying Economics at Western University.
Comments