British Universities Have Many Cyber Threats

Uploaded on 2018-06-19 in NEWS-Cybersecurity News, JOBS-Training, FREE TO VIEW

Emerging online threats and tough new penalties for data breaches are forcing universities to take cyber security more seriously than ever.  Universities are bombarded on a daily basis with information about cybercrime and security, almost to the point where it feels that little else needs to be done other than trust in the IT department’s skills and get on with life.

But does this mean students and academic staff are safe? Is their research and partner companies’ data really secure? Will an institution’s computers, libraries and facilities function without hiccup thanks to the new wave of encryption, site blocks and alerts that have arrived in recent months?

In a word, no. Universities will never be 100 per cent secure because no one is completely safe when it comes to cybersecurity. 

As Henry Hughes, deputy chief information security officer at Jisc, pointed out at a recent higher education conference: “Half of you are not doing any student training in cyber security.” Supporting this statement, he added that a Jisc survey of 22,000 students’ satisfaction at the end of their courses found that 82 per cent felt that digital skills were essential to their future careers, but less than half of the group felt that they were well prepared for the digital workplace.

This matters because we can all be victims (or at least targets) and cyber security cannot, and should not, be delegated. While you are busy thinking “it’s not going to be me, I’m not important”, that is when you leave yourself vulnerable.
IT security is not a new challenge for universities but with the new European Union’s General Data Protection Regulation it is expected that universities will become more liable for data breaches, with fines of up to 2 per cent of overall revenue or €10 million, whichever is higher.

In 2016, the UK government set out plans to commit £1.8 billion to the National Cyber Security Strategy, working with organisations from the private sector, public agencies and academia to create a national Cyber Security Centre, a Cyber Innovation Centre, and an Institute of Coding.

The University of Gloucestershire is leading discussions with a select group of universities and businesses to discuss the shape and form of this national project. The university is also now one of 17 universities helping its graduates to develop skills in writing safe and secure software, as part of the newly set up Institute of Coding.

This project has acquired greater importance thanks to a new phenomenon known as the “internet of things”. This shorthand describes the online interconnection of computing devices embedded in everyday objects, ranging from phones and fridges to home thermostats and power stations. 

Within two years it is estimated that about 26 billion devices will be connected to the internet. Cyber-attacks will have the potential to damage not just our laptops and work computers, but dozens of electrical items in our homes. As such, university staff and students need to get into good “cyber hygiene” habits. Campus visitors bring laptops and mobile phones with them, while academics frequently connect with organisations from around the world. We need to limit the number of people with administrator privileges and be wary of disgruntled insiders.

Training and education must be continuous because cybersecurity is a process, not an event. It has to be part of a university’s ongoing risk assessment. We all should think of ourselves as human firewalls within our organisations.

It is vital to make sure that systems are updated regularly and understand that security is a continuous process. Share good practice, your neighbour could be the weak link so help them, and have a plan for when it all goes wrong.

Times Higher Education:      Image: Nick Youngson

You Might Also Read: 

Oxford University’s Cyber Research:

Canadian University Hit For $12m Phishing Scam:

 

« Business AI Platform For Commercial Development
Deloitte To Invest £430 Million On Cybersecurity Defences »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Inogesis

Inogesis

Inogesis helps blue-chip organisations harness disruptive technologies and thinking to drive new revenues or overcome challenges by connecting them with dynamic small companies.

LUCY Security

LUCY Security

LUCY is the answer when you want to increase your IT security, maintain your cyber security awareness, or test your IT defenses.

La Fosse Associates

La Fosse Associates

The InfoSec Recruitment team at La Fosse Associates specialises in placing Information Security & Risk professionals on a permanent and contract basis.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

Cloud GRC

Cloud GRC

Cloud GRC is an innovative cybersecurity company with solutions and expertise in Cybersecurity Strategies & Frameworks, Threat & Risk Assessment, Cloud Security, and Regulatory Compliance Requirements

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

GCHQ Apprenticeships

GCHQ Apprenticeships

GCHQ, the UK intelligence and security organisation, offers a unique three-year Cyber Security Degree Apprenticeship with employment on successful completion.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

Moonlock

Moonlock

Cybersecurity tech for humans. At Moonlock, we make software that seamlessly protects you and has your back as you live your life.

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.