Advancements in technology have positively influenced the higher education in terms of delivering instructions and other services. However, as more organizations continue to embrace technology in their online operations, the risk of information security attacks cannot be underestimated. Higher education institutions have a risk of information security attacks since they have the least secure environment to protect information resources and systems. In addition, colleges, universities, and non-profit groups are very vulnerable to security breaches especially those which entail identity theft. Thus, most hackers prefer to use university and college information systems to hide their identities especially when they intend to launch attacks on commercial systems. The attackers target information systems from these institutions because they contain personal and financial information for students, alumni, employees, and other relevant stakeholders. Failure to safeguard these information systems could or have already resulted in the loss of reputation and finances of the affected individuals and institutions. A questionnaire was distributed to information technology department administrators at higher educational institutions in the Kingdom of Saudi Arabia and further analyzed. This paper aims at discussing the analysis results which include security threats that face these institutions, as well as the security systems they use.