How safe is your data? Cyber-security in higher education

In this new Policy Note, Dr John Chapman, Head of Jisc’s Security Operations Centre, reports on the cyber-security risks facing universities based on Jisc’s own work in this area.

Key points:

• under penetration testing, there is a 100 per cent track record of gaining access to higher education institutions’ high-value data within two hours;
• 173 higher education providers engaged with Jisc’s Computer Security Incident Response Team (CSIRT) in 2018 (a 12 per cent increase); and
• during 2018, there were more than 1,000 Distributed Denial of Service (DDoS) attacks detected at 241 different UK education and research institutions.

The paper highlights areas of concern, pinpoints the sources of cyber attacks and proposes specific actions universities should take to tackle the issue, including the adoption of a new British Standard on cyber risk and resilience.