Abstract:
Academic institutions are increasingly implementing digital services and new technologies, for a modern and accessible educational environment. But the virtual environment creates unknown vulnerabilities that need to be addressed properly. The holistic approach to cybersecurity in academia as a system has major benefits. But the main question is how this can be done in practice, as long as universities are heterogeneous complex environments. The proposed solution can be used to implement a security system in academia, is compliant with the security standard ISO 27001 and developed by applying the scientific method of Security Requirement Engineering.