Context and Aims of Research
Over the past two years, universities and colleges around the globe have experienced malware attacks, including ransomware. By definition, ransomware is a form of malicious code or malware infecting a computer and spreading rapidly to encrypt the data or to lock the machine. Though Chief Information Officers (CIOs) and their IT Security experts in academic institutions in the United States and Canada have deployed a number of countermeasures in the fight against malware, no recent study has been published that details the effectiveness of these countermeasures. Most of the survey data collected to date has focused on businesses.
This survey, consisting of 46 previously published items for the business sector, is intended to solicit your responses to the items presented below as a means of filling this void in the North American university educational institution sector. This research project is being conducted at Laurentian University, Ramsey Lake Road, Sudbury, Ontario, Canada P3E 2C6 by these investigators: Dr. Bernadette Schell, Director of Cybercrime Initiatives; Dr. Kalpdrum Passi, Associate Professor of Computer Science; and Luc Roy, Chief Information Officer.
You are being asked to complete this survey because you are your institution’s CIO, IT Manager, IT Director, CISO, or in some related role—and you are knowledgeable about IT security issues within your institution. We appreciate your cooperation in providing this much-needed information so that we can publish these results in an effort to make our educational institutional networks more secure and resilient to a variety of threat vectors.
As members of your universities' cybersecurity teams, we hope that you will be better able to prevent and recover from malware attacks, based on "best practices" of other North American universities, as provided by these survey findings and transmitted to the community.
Please note that the research objective aims and survey were vetted and approved for distribution by administrators at both Educause (Joanna Grama, Director of Cybersecurity and ITGRC Programs) and CUCCIO (Lori Macmullen, Executive Director). We have committed to publishing an article on our survey findings for Educause and would be pleased to send a copy to respondents who provide a request for such and an email address.
Please also note that the Laurentian University Research Ethics Committee has vetted and approved this survey for online distribution. There are known risks to participating in this study. Participants may contact an official not attached to the research team regarding possible ethical issues or complaints about the research itself. Here is the contact information:
-
Research Ethics Officer
-
Office of Research Services
-
Telephone 705-675-1151, ext. 3681 or 2436 (Sudbury, Ontario)
-
Toll free: 1-800-461-4030
-
Email: ethics@laurentian.ca
Measures Taken to Ensure Respondents’ Confidentiality, Anonymity and Privacy. We understand the importance of confidentiality, anonymity, and privacy to respondents. To this end, only group data findings will be published and not individual respondents’ answers. Also, please understand that all participants have the right not to participate or to complete the questionnaire as a whole. It is the research investigators’ understanding that respondents have read this introductory information and that they accept to complete the questionnaire. Therefore, although survey respondents are not being asked to sign a consent form, we understand as the investigators that information relevant to respondents’ participation in this study is being transmitted in this covering letter, and that answering questions and completing our survey will be interpreted as giving consent. Finally, we will not be collecting data on ISP addresses, and while we accept that US respondents may have concerns about confidentiality and the Patriot Act, we want to underscore that survey data will reside on Laurentian University servers, housed in Canada.
Instructions to Participants: The 46 survey items are available on this URL. We appreciate your cooperation in providing this much-needed information so that we can publish these results in an effort to make our educational institutional networks more secure and resilient to a variety of threat vectors. While we understand that you have the right to not answer any of the questions provided, we hope that respondents will try to complete all of the items so that we have a comprehensive set of responses. If you are not sure of a response, we have generally provided a “Don’t know” for the bulk of items. Finally, if you wish a copy of our survey results, please include your email address at the end of this survey. Otherwise, you can read our findings article on the Educause website.
Thank you again for partaking in this study and for answering our survey questions. If you have any questions for the research team, kindly share them with Dr. Passi, whose coordinates are stated below.
Dr. Kalpdrum Passi, Associate Professor, Computer Science
-
Telephone: 705-675-1151, ext. 2345
-
Toll Free: 1-800-461-4030
-
Email: kpassi@cs.laurentian.ca
Luc Roy, Chief Information Officer
Dr. Bernadette Schell, Professor and Director, Cybercrime Initiatives
There are 49 questions in this survey.
