Talion is a finalist for Best SIEM Solution for the 4th year in a row

Talion is a finalist for Best SIEM Solution for the 4th year in a row

6 Unique Cyber Security Challenges in Higher Education - Talion

A survey of 499 IT decision makers in the education sector found that nearly half of organisations were hit by ransomware in the last year. Organisations must take sufficient steps to stay secure and safe as threats continue to rise amongst universities.

Professor Madeline Carr at UCL is a leading academic on cyber security in higher education and also sits on our board of directors. We are sharing 6 security challenges she’s highlighted when working collaboratively with her research team, the NCSC and UCISA, from budgetary constraints, to lack of communication and support.


1) Difficulty Protecting Sensitive Data

The Higher Education sector holds vast amounts of Personal Identifiable Data (PID), from salaries and bank details to pastoral care notes, as well as commercially valuable intellectual property such as the Oxford Astra Zeneca vaccine. Due to the sensitivity of this information, universities are automatically high targets for cyber attacks as threat actors attempt to damage valuable data or leverage it for personal gain.

Listen to the special edition of our Threat Set Radio Podcast for Higher Education.


2) Employee Compliance

CEOs often make requests for staff to take steps to improve their security measures, but this won’t necessarily call for high compliance within a university. Academics are wary of systems and processes that get in the way of their work and will often continue to use their specific tools and platforms out of familiarity. This limits an organisation’s ability to make tangible security improvements.




3) Following Cyber Security Practices Across Different Institutions Can Be A Burden

Universities are full of people who highly value openness, collaboration and exchanging information and knowledge, often working in many cross institutional groups. As a result, what might be seen as perfectly sensible cyber security practices can be very cumbersome for them as they move in and out of systems in other institutions, trying to keep track of all their data and keep the appropriate access controls. This can lead to a ‘head in the sand’ approach where much-needed change is avoided.


4) Lack Of Communication And Support

Although there are some very good organisations established to help university CISOs, they are not working as effectively as they need to. Most CISOs at universities call on colleagues at other universities for help when they need it, rather than drawing upon shared threat intelligence and solutions within their own vicinity.


5) Budgets Remain Too Small

The global pandemic made it more apparent than ever that university business continuity leans much more heavily on its digital estate than it does on its physical estate, and yet the budget allocation to these is incomparable. In many universities, cyber security still comes under the IT budget and even that is low in comparison to other similar sized organisations. Protecting a huge, sensitive digital estate that carries high value data and is essential for business continuity on a small budget requires a partner that really understands the sector and can leverage threat intelligence from multiple HE institutions.


“Cybersecurity practitioners in the higher education sector have been doing an incredible job with relatively little in terms of resources. It’s a sector that is critical to the UK national interest and it’s overdue for some focused support and attention.”

– Keven Knight, COO at Talion




6) Managing The Transitory Workforce Is Tricky

 Large universities welcome and farewell around 10K students each year – all of which need access controls and credential management. Managing alumni, therefore, remains particularly challenging as they are best kept close to the institution for promotional purposes, but this leaves 10K open gates each year.



Madeline Carr, Professor of Global Politics and Cybersecurity at UCL, notes that:

“We’ve seen a significant increase in attacks on UK HE over the past few years, and it’s clear that more needs to be done to coordinate threat intelligence in this sector. We’ve got people holding back a tidal wave of malicious actors with a swiss army knife. They need more support.”


Implementing good cyber hygiene in a university is no easy feat, but it can be achieved successfully when it is built on an honest exchange with academics, professional services staff, management, and the security team.

Our Threat Intelligence report for education highlights sector-specific threat activity, recent attacks in Higher Education, and mitigation recommendations for Universities.


Download our Higher Education Cyber Threat Report here.


Have further questions about the threat of cyber attacks against Universities?

Feel free to get in touch.


Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.