PERSPECTIVES FROM THE CAMPUS

One of the strengths of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the colleges, universities, and other institutions of higher education throughout our state. Hence the name, “Perspectives from the Campus”, we invite experts – immersed in the pursuit of educating their students – to offer their knowledge for finding solutions in cybersecurity that benefit all Hoosiers.

In the latest installment of this series, David Dungan, who serves as the executive director at the Center for Security Services and Cyber Defense at Anderson University, discusses how cybersecurity has evolved, in terms of its importance, for protecting the assets of an individual as well as the critical infrastructure that exists within the communities where we live.

By David Dungan

As the digital landscape continues to evolve, we’ve come to the realization that cybersecurity is a necessity when it comes to protecting not only our personal information, but it is also essential to safeguarding the critical infrastructure that exists within every community in Indiana, regardless of its size.

Being proactive can make a difference in mitigating risks and maintaining a level of consistency in terms of our security.  Cyber threats are no longer rare events, they’re a constant reality for individuals, businesses, and institutions. The number of cybercrime complaints per year has steadily increased since 2020 from under 780,000 to almost 900,000 in 2024. Whether it’s protecting sensitive data, ensuring system uptime, or avoiding financial loss, cybersecurity has become a vital part of navigating today’s world. Understanding the value of early investment in strong security practices is key to staying secure and resilient.

Cyberattacks are more than just technical problems, as even a minor incident can, potentially, carry with it, significant consequences for financial and operational well-being. The impact is wide ranging – from ransom demands and regulatory fines to losses in productivity and a negative impact on a company’s reputation. The overall cost of a breach can escalate rapidly.

One disruption can lead to:

• Missed deadlines
• Lost customers
• Expensive recovery efforts
• Legal consequences
• Negative impact on your reputation, image, or brand
• Fines

More than that, these risks are not limited to large organizations; small- and medium-sized businesses in the private sector, as well as local government (including our schools) and individuals can face even greater challenges recovering from an attack due to a variety of issues that include limited resources and a lower level of security controls.

It’s no secret, too, that the cyber incidents and cyberattacks we’re seeing and experiencing continue to increase at a rapid rate, both in terms of their sophistication and frequency.

In 2020, the FBI reported that it received over 2,000 internet crime complaints a day. The FBI also reported that there were $4.2 billion in victim losses in 2020. From 2020 to 2024, both the frequency and cost have increased, with the financial loss being more than double what it was in 2020. As attacks become more common and costly, cybersecurity has become a necessary part of any responsible strategy. Phishing attacks were the most frequent in both years. These are attacks, in which someone tries to trick you into doing something by pretending to be a trusted source. This means even basic awareness and preventive measures can make a meaningful impact.

Investing in cybersecurity protects more than just data; it safeguards the ability to operate, grow, and adapt. In addition to helping to reduce the likelihood of costly disruptions, it enables even a smaller business or organization to  and build a reputation for responsibility and trust.

It even helps financially, as companies that regularly trained its employees on phishing attacks had a larger return on their investment. When an attack does occur, the Cybersecurity Infrastructure and Security Agency (CISA) reported that companies with incident response plans recovered at a rate that was 77 percent faster than companies without one. If that incident caused a disruption to operations, a company with an incident response plan would save more resources like time and money. For the individual, someone could mitigate their risk by taking the time to educate themselves and be aware of possible threats like phishing attacks or fraud that can be hidden in a text, an email or a deepfake video.

As we celebrate Cybersecurity Awareness Month in October, it’s important to keep in mind that investing in cybersecurity is something that can provide a return and pay a dividend every day and it’ll help in building our confidence to navigate the challenges ahead of us while at the same time avoid more of the scams that have landed in our inbox since we started our day!