Cover awareness measurement shows students at tables with laptops

Awareness measurement education and research 2023: embed awareness organisation-wide

During the cybersecurity month, SURF and BDO present the results of the security and privacy awareness measurement in education and research. One of the recommendations of this measurement among 70 institutions is to embed awareness structurally, organisation-wide and at all hierarchical levels.

Main conclusions

Employees, as in the 2022 measurement, are convinced of the importance of cyber-safe and privacy-aware behaviour, but have limited motivation to pay attention to it. This is because they lack support within their institution and the lack of clarity on what secure working means in practice. They are reasonably satisfied with the facilities at their disposal, but a strong security-awareness culture is lacking. Respondents were less positive about the role model role of managers compared to last year.

Results across the board better than in 2022

On average, participating institutions scored a 6.5. This is an improvement from the 2022 measurement where the average score was 6.1.


  • Ensure that awareness activities and materials connect to daily work in education and research.

    Invest in a strong security awareness culture by embedding awareness structurally, organisation-wide and at all hierarchical levels. For example, by making security and privacy a regular part of the onboarding of new employees.
  • Remove barriers to working safely.
  • Invest extra in teachers, researchers and managers.
  • Focus on specific themes such as secure software and safe storage and sharing of personal data.

About the measurement

In early 2023, 70 institutions (wo, hbo, mbo, other - including libraries and research institutes) took part in a cybersecurity-awareness measurement as part of SURF's Cybersave Yourself service, in collaboration with BDO Cybersecurity and the Centre of Expertise Cyber Security of The Hague University of Applied Sciences.

Download the Awareness Measurement 2023
Awarenessmeting 2023

October = cybersecurity month

Throughout the month of October, organisations worldwide draw extra attention to cybersecurity (awareness). SURF is no exception. On the SURF Security Expertise Centre website, you will find an overview of all the activities you can follow this month. There you will also find various content divided over three themes: awareness and trends, prevention of cybercrime, first aid in case of cybercrime.

This article is relevant to