by Louise Fellows, Director, Public Sector UK&I at VMware
As the world becomes connected, so it comes under attack. Organisations of all kinds face daily, if not hourly, cyber intrusions, as criminals, hacktivists and hostile nations seek to profit from poor IT security practices.
For organisations used to dealing in sensitive information, the apparatus is in place to protect mission critical data and systems. Yet in this new and evolving digital world, not all sectors are as well prepared.
Universities are undergoing their own rapid technology transformations. To appeal to tech-savvy students and staff, as well as access new streams of revenue, they are rapidly expanding their digital footprints.
Those income streams include funding for government-backed projects. A new study from VMware and Dell EMC suggests that in 93% of cases, research programmes have been commissioned directly by UK government sources, with almost a third of respondents stating their research is in the interests of national security.
So, are their security practices up to the challenge, or are UK universities tempting targets for hostile parties looking for easy wins?
University challenges – multiple attacks, financial loss, damaged reputations
The research would suggest that more needs to be done if universities aren’t going to be easy ways to access national security secrets.
A quarter of senior IT leaders surveyed at UK universities believe their security and defence research may have already been infiltrated, while over half (53%) say a cyberattack on their institution has led to research ending up in foreign hands.
When it came to what was being targeted, scientific (54%), medical (50%), economic (37%) and defence research (33%) were top of the list.
How is this able to happen? Almost half (49%) recognise that a lack of IT investment is driving the need for more robust cyber security practices. If they don’t, reputations can suffer, and with that revenue streams – 92% of respondents believe that a successful cyberattack on their research data could result in serious financial loss for their institution.
At a time when state-sponsored attacks targeting national secrets are becoming increasingly common, these findings highlight how vital increasing security budgets and taking the right approach to cyber defence is for universities and the UK as a whole.
Keeping pace with today’s sophisticated cyber threats is an enormous challenge. Those responsible for protecting universities and the data that they hold must examine how they can evolve practices and approaches in line with an increasingly complex threat landscape, including cybersecurity as a consideration at every stage of the research process by design.
The way forward
The report also outlines what universities need to do to improve their cyber security.
From enforcing good behaviours to improving user education, changing the way IT operates to building security into everything and securing the user, it provides an overview of the five steps universities should consider if they want to remain secure and retain their reputations for trusted seats of learning.
To find out more, take a look at ‘University Challenge: protecting research in higher education’.