Publication Date

December 2018


This work seeks to answer the question: Does faculty cybersecurity knowledge gained from teaching and research transfer to other IT units in the university? Specifically, do colleges and universities that excel in cybersecurity teaching and research have more secure websites? This work explores a unique setting where the knowledge of the source and recipient are both directly related and observable without outside intervention. Our study employed data from 591 U.S. colleges and universities, the National Centers of Academic Excellence (CAE) program, accepted paper data from the ACM Conference on Computer and Communications Security (CCS) and the IEEE Symposium on Security and Privacy (SSP), as well as the results from the SSL Labs Server Test. Our data suggest that universities with cybersecurity research excellence receive higher grades for website security. However, university website security is not significantly associated with cybersecurity teaching excellence, institution size or tuition costs.