British Universities Have Many Cyber Threats

Uploaded on 2018-06-19 in NEWS-Cybersecurity News, JOBS-Training, FREE TO VIEW

Emerging online threats and tough new penalties for data breaches are forcing universities to take cyber security more seriously than ever.  Universities are bombarded on a daily basis with information about cybercrime and security, almost to the point where it feels that little else needs to be done other than trust in the IT department’s skills and get on with life.

But does this mean students and academic staff are safe? Is their research and partner companies’ data really secure? Will an institution’s computers, libraries and facilities function without hiccup thanks to the new wave of encryption, site blocks and alerts that have arrived in recent months?

In a word, no. Universities will never be 100 per cent secure because no one is completely safe when it comes to cybersecurity. 

As Henry Hughes, deputy chief information security officer at Jisc, pointed out at a recent higher education conference: “Half of you are not doing any student training in cyber security.” Supporting this statement, he added that a Jisc survey of 22,000 students’ satisfaction at the end of their courses found that 82 per cent felt that digital skills were essential to their future careers, but less than half of the group felt that they were well prepared for the digital workplace.

This matters because we can all be victims (or at least targets) and cyber security cannot, and should not, be delegated. While you are busy thinking “it’s not going to be me, I’m not important”, that is when you leave yourself vulnerable.
IT security is not a new challenge for universities but with the new European Union’s General Data Protection Regulation it is expected that universities will become more liable for data breaches, with fines of up to 2 per cent of overall revenue or €10 million, whichever is higher.

In 2016, the UK government set out plans to commit £1.8 billion to the National Cyber Security Strategy, working with organisations from the private sector, public agencies and academia to create a national Cyber Security Centre, a Cyber Innovation Centre, and an Institute of Coding.

The University of Gloucestershire is leading discussions with a select group of universities and businesses to discuss the shape and form of this national project. The university is also now one of 17 universities helping its graduates to develop skills in writing safe and secure software, as part of the newly set up Institute of Coding.

This project has acquired greater importance thanks to a new phenomenon known as the “internet of things”. This shorthand describes the online interconnection of computing devices embedded in everyday objects, ranging from phones and fridges to home thermostats and power stations. 

Within two years it is estimated that about 26 billion devices will be connected to the internet. Cyber-attacks will have the potential to damage not just our laptops and work computers, but dozens of electrical items in our homes. As such, university staff and students need to get into good “cyber hygiene” habits. Campus visitors bring laptops and mobile phones with them, while academics frequently connect with organisations from around the world. We need to limit the number of people with administrator privileges and be wary of disgruntled insiders.

Training and education must be continuous because cybersecurity is a process, not an event. It has to be part of a university’s ongoing risk assessment. We all should think of ourselves as human firewalls within our organisations.

It is vital to make sure that systems are updated regularly and understand that security is a continuous process. Share good practice, your neighbour could be the weak link so help them, and have a plan for when it all goes wrong.

Times Higher Education:      Image: Nick Youngson

You Might Also Read: 

Oxford University’s Cyber Research:

Canadian University Hit For $12m Phishing Scam:

 

« Business AI Platform For Commercial Development
Deloitte To Invest £430 Million On Cybersecurity Defences »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

FirstPoint

FirstPoint

FirstPoint has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Veriff

Veriff

Veriff provides highly-automated identity-verification services that prevent fraud like nothing else on the market.

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

SilverSky

SilverSky

SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.

Sec-Ops

Sec-Ops

Sec-Ops is a forward thinking cyber security company, formed by a group of security enthusiasts with years of experience and backgrounds in the technology and the government industries.

Vancord

Vancord

Vancord is an information and security technology company that works in collaboration with clients to support their infrastructure and data security needs for today and tomorrow.

RAND Corporation

RAND Corporation

The RAND Corporation is a non-profit institution that helps improve policy and decision making through research and analysis.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

SoConnect

SoConnect

SoConnect provides safe, secured, and taken care of IT, with infrastructure built around you and your business.

Blue Goat Cyber

Blue Goat Cyber

Blue Goat stands at the forefront of cybersecurity, particularly in medical device security and penetration testing.