Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 8 June, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

What are universities doing to defend their cyberspace?

by The Gurus
July 28, 2017
in Editor's News
students
Share on FacebookShare on Twitter

Hacking is a growing problem globally and attacks on all organisations, UK universities included, continue to increase. So, what is the higher education sector doing to combat the problem?
A new survey* indicates that universities’ cyber security budgets are increasing rapidly, but investment alone is not enough to tackle the problem.
Raising awareness of threats, what they look like and what to do about them is a key defence in the fight to protect cyber space, and the higher education sector is making good progress on this point. However, there are other difficulties to overcome, too.
Latest research shows that although most universities have information security awareness training for staff, fewer than half train students. Meanwhile, some universities report difficulties in recruiting staff with the right skills and complain there is not enough support for cyber security from senior decision-makers.
These findings are from a survey by Jisc, which operates the UK’s education and research network, supporting up to 18 million users. While individual universities are responsible for their own cyber defence, Jisc’s specialist security team monitors the Janet network and provides services, advice and training to help protect it.
The threat level and how to tackle it
To put the issue into context, latest Jisc figures show that, since October 2016, there were 770 Distributed Denial of Service (DDoS) attacks against 176 different organisations connected to Janet. The unluckiest has been attacked on 59 separate occasions.
Working on the principle that preparation is the key to effective defence, 82% of respondents use outside expertise to test their systems for vulnerabilities, although fewer (51%) use third-party services to gain intelligence about current or emerging threats.
Jisc’s cyber security compliance manager, John Chapman, said: “With the increasing threat landscape, it is becoming more important to identify where vulnerabilities are, keep technology up to date and to apply the latest security patches as they’re made available.”
Social engineering, especially phishing emails, (which may, for example, trick someone into a particular action, or into revealing confidential information), are the most common threats mentioned by survey respondents, all driven by a lack of awareness.
It’s hardly surprising, therefore, that the top cyber security priorities are protection and prevention – and end-user training. The Jisc research found that 83% of universities provide training for staff, which is compulsory in 46% of cases, but only 40% train students and only 8% insist that students take a course.
John Chapman added: “Being more aware of specific threats and improving user awareness can benefit institutions by reducing their exposure to attacks that can have serious implications.”
Why invest in protection measures?
Respondents who felt their university was well protected against cyber-attacks said the issue was taken seriously by management, with the right investment, processes, technology and training in place. They felt able to react quickly to problems, undertook regular audits and, as a result, recorded a low number of incidents.
By contrast, those HEIs who felt they weren’t well protected said cyber security was low on management’s priority list, there was a lack of investment and they had trouble recruiting the right staff.
Using a real example, John Chapman explains how not investing in the cyber security area can be a false economy. He said: “We recently came across a university that had invested in a Jisc automated approach to vulnerability assessment, which meant it was able to understand within a few minutes if any of the systems were at risk to the recent WannaCry attack.
“In turn, this allowed all the IT staff to be stood down from the alert on a Friday afternoon, saving the expense and disruption of working through the weekend to manually check that all systems across the estate had been correctly patched.”
The survey found that 72% of universities had staff dedicated to cyber security and 40% set aside money specifically for cyber security in 2015/2016, which is projected to rise to 58% in 2017/2018.  Compared to the level of spending on cyber security during 2016/17, the mean amount is expected to rise by 132% in 2017/2018.
To help universities gauge where they are on the scale of protection, there are several recognised cyber security standards. Cyber Essentials is the most popular certification and 20% of universities have achieved this accreditation already, while 38% are working towards it and a further 29% are considering.
In response to 94% of respondents agreeing this would be useful, Jisc is exploring the possibility of producing a cyber security ranking system for its members (universities, colleges and research establishments). Jisc has already committed to helping members better assess their cyber security position by developing a security audit service.
*The survey was conducted by Jisc between 30 March and 6 June 2017 and received 65 responses from 51 universities.
About Jisc
Jisc is the UK higher, further education and skills sectors’ not-for-profit organisation for digital services and solutions.  We:

  • operate shared digital infrastructure and services
  • negotiate sector-wide deals with IT vendors and commercial publishers and
  • provide trusted advice and practical assistance for universities, colleges and learning providers.

For more information, contact the press team: [email protected]
 

FacebookTweetLinkedIn
Tags: CybercybersecurityCyberspaceHEtechUniversity
ShareTweet
Previous Post

Most Companies Worldwide Failing to Measure Cybersecurity Effectiveness and Performance

Next Post

Mimecast Report: 45 Million Emails Passed by Incumbent Email Security Systems, Nearly 25% are “Unsafe”

Recent News

large open office, bright.

Employees Feel 10 Times Calmer in an Environmentally Friendly Office Space

June 7, 2023
Blue Logo OUTPOST24

Outpost24 Acquires EASM Provider Sweepatic

June 7, 2023
Standard post, logos of brands, headshot.

J Brand: The Challenges of Putting Mental Health First in an Unfamiliar Industry

June 6, 2023
iPad with Anxiety written on it in capitals.

Half of UK Employees Suffer From “Sunday Scaries”

June 6, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information