Demo
6 Unique Cyber Security Challenges in Higher Education - Talion

A survey of 499 IT decision makers in the education sector found that nearly half of organisations were hit by ransomware in the last year. Organisations must take sufficient steps to stay secure and safe as threats continue to rise amongst universities.

Professor Madeline Carr at UCL is a leading academic on cyber security in higher education and also sits on our board of directors. We are sharing 6 security challenges she’s highlighted when working collaboratively with her research team, the NCSC and UCISA, from budgetary constraints, to lack of communication and support.

 

1) Difficulty Protecting Sensitive Data

The Higher Education sector holds vast amounts of Personal Identifiable Data (PID), from salaries and bank details to pastoral care notes, as well as commercially valuable intellectual property such as the Oxford Astra Zeneca vaccine. Due to the sensitivity of this information, universities are automatically high targets for cyber attacks as threat actors attempt to damage valuable data or leverage it for personal gain.

Listen to the special edition of our Threat Set Radio Podcast for Higher Education.

 

2) Employee Compliance

CEOs often make requests for staff to take steps to improve their security measures, but this won’t necessarily call for high compliance within a university. Academics are wary of systems and processes that get in the way of their work and will often continue to use their specific tools and platforms out of familiarity. This limits an organisation’s ability to make tangible security improvements.

 

Academic typing on laptop

 

3) Following Cyber Security Practices Across Different Institutions Can Be A Burden

Universities are full of people who highly value openness, collaboration and exchanging information and knowledge, often working in many cross institutional groups. As a result, what might be seen as perfectly sensible cyber security practices can be very cumbersome for them as they move in and out of systems in other institutions, trying to keep track of all their data and keep the appropriate access controls. This can lead to a ‘head in the sand’ approach where much-needed change is avoided.

 

4) Lack Of Communication And Support

Although there are some very good organisations established to help university CISOs, they are not working as effectively as they need to. Most CISOs at universities call on colleagues at other universities for help when they need it, rather than drawing upon shared threat intelligence and solutions within their own vicinity.

 

5) Budgets Remain Too Small

The global pandemic made it more apparent than ever that university business continuity leans much more heavily on its digital estate than it does on its physical estate, and yet the budget allocation to these is incomparable. In many universities, cyber security still comes under the IT budget and even that is low in comparison to other similar sized organisations. Protecting a huge, sensitive digital estate that carries high value data and is essential for business continuity on a small budget requires a partner that really understands the sector and can leverage threat intelligence from multiple HE institutions.

 

“Cybersecurity practitioners in the higher education sector have been doing an incredible job with relatively little in terms of resources. It’s a sector that is critical to the UK national interest and it’s overdue for some focused support and attention.”

– Keven Knight, COO at Talion

 

 

6) Managing The Transitory Workforce Is Tricky

 Large universities welcome and farewell around 10K students each year – all of which need access controls and credential management. Managing alumni, therefore, remains particularly challenging as they are best kept close to the institution for promotional purposes, but this leaves 10K open gates each year.

 

 

Madeline Carr, Professor of Global Politics and Cybersecurity at UCL, notes that:

“We’ve seen a significant increase in attacks on UK HE over the past few years, and it’s clear that more needs to be done to coordinate threat intelligence in this sector. We’ve got people holding back a tidal wave of malicious actors with a swiss army knife. They need more support.”

 

Implementing good cyber hygiene in a university is no easy feat, but it can be achieved successfully when it is built on an honest exchange with academics, professional services staff, management, and the security team.

Our Threat Intelligence report for education highlights sector-specific threat activity, recent attacks in Higher Education, and mitigation recommendations for Universities.

 

Download our Higher Education Cyber Threat Report here.

 

Have further questions about the threat of cyber attacks against Universities?

Feel free to get in touch.

 

 
Leave a comment

Filed in Blog, by Talion. 0 comments
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
24x7x365 UK-based Security Operations Centre
Talion
Service underpinned by market leading threat intelligence team
Talion
Continually developed threat relevant content, backed by SLAs
Talion
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Talion
Experts in SIEM and SOAR technology
Talion
UK-based Senior Leadership
I'm ready
Request a more in-depth demo.
Discuss your cyber security needs
Fill in the form below and one of our team will be in touch to arrange your demo.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Send us a message

Give us a brief description of what you’re looking for and we’ll put you in touch with the best person.