Universities staff need to understand their role in keeping hackers at bay
Blog posted by: Kuldip Sandhu, Higher and Further Education Consultant, Innovative Quality Solutions (IQS), 31 October 2018.
In a second blog post looking at the cyber resilience challenge in the further and higher education market, Kuldip Sandhu of Innovative Quality Solutions, considers the responsibilities academic and administrative staff have in helping to beat the hackers.
Universities have become a hunting ground for the unscrupulous hackers. Recently the Cobalt Dickins hacking group, which is linked to the Iranian government, was revealed to be behind an attempt to breach the systems of 76 universities in 14 countries. This included a number in the UK in the Times Higher Education Top 50 as well as others across Europe, the US and Asia.
This came just six months after the US Department of Justice charged nine Iranian hackers with attacking more than 300 universities around the world. This attack succeeded in duping 8,000 academics to respond to a phishing email and saw the group access 15 billion pages of academic projects.
These projects often include cutting-edge research and lucrative intellectual property which is why the further and higher education sector is so attractive to the hackers. They see potential riches – not a surprise when the Economist magazine reports that data is now the world’s most valuable commodity.
In my last blog post I examined the importance of helping students understand their role in cyber resilience. However, the thwarted attacks give a stark reminder as to why it is so important for academic and administrative staff to have the right online behaviours. They use technology as an enabler to manage personal information, carry out experiments and collate data. So it has never been more vital to understand about good online behaviours.
University staff have to know what their responsibilities are in keeping their institution’s IT system resilient particularly as 90% of cyber breaches are caused by human error. In a recent KPMG/Harvey Nash reporteducation is the worst-affected sector for cybercrime.
Beating the threats is made even more complex as the majority of colleges and universities operate with clear distinctions between departments and faculties with little crossover and often on different sites, sometimes miles apart.
That is why it is important to have clear guidelines about staff’s online behaviours, particularly as any breach has the potential to inflict reputational and financial damage on the institution. It is also likely that research projects will involve academic and research staff working with industry partners, even other universities, which creates “weak spots” – so it is vital everybody understand how to keep the IT system secure.
Cyber resilience training should therefore be mandatory and all modules should be completed otherwise being locked out of IT systems could be a consequence.
RESILIA® Frontline provides the perfect tools: a suite of proven e-learning modules designed to be integrated easily into a university’s existing IT system. Each module takes ten to 15 minutes to complete and covers the full spectrum of cyber risk including online safety, phishing, social media protection, protecting information and safe device use. It includes a learning dashboard for administrators to measure and track progress.
The reality is that a cyber breach could be just a mouse click away and the evidence shows one in three universities face hourly attempts, so it is unlikely the threat isn’t going away soon.
Putting the right awareness training in place for staff and students alike will help to thwart the unscrupulous and protect reputations.
Visit AXELOS.COM/resilia-higher-education to request a free copy of the paper I co-authored with AXELOS ‘Protecting the reputation of UK Higher Education with your most valuable defence; your people’, co-authored by myself and AXELOS Global Best Practice.
You can also speak to one of the RESILIA team or request a live demo by visiting AXELOS.com/resilia-frontline.
Read Kuldip Sandhu's previous AXELOS blog post Universities need to meet student challenge for cyber resilience
Latest News from
Built on ITIL: a steady stream of employment16/01/2019 12:20:00
Blog posted by: Richard Josey – ITSM expert, 15 January 2019.
How to enjoy your project board15/01/2019 09:20:00
Blog posted by: Steven Riley – Capita Government Services, 14 January 2019.
Getting the basics right before you buy in the “bots”09/01/2019 13:20:00
Blog posted by: Barclay Rae – ITSM expert, 09 January 2019.
PRINCE2 Agile Foundation: best of both worlds08/01/2019 10:20:00
Blog posted by: Allen Philip Abraham – IT project consultant, 07 January 2019.
The case for ITIL certification in IT service management04/01/2019 09:20:00
Blog posted by: Adam McCullough – ITSM expert, 03 January 2019.
ITIL: bridging the gap between IT services today and tomorrow03/01/2019 14:20:00
Blog posted by: Lisa Hodges – principal consultant, Cornerstone Service Management, 27 December 2018.
Licence to learn – duty to learn?21/12/2018 10:20:00
Blog posted by: Anne Fitzsimons – Membership Services Manager, AXELOS, 20 December 2018.
AXELOS’ CPO Margo Leach shortlisted for Women in IT Awards20/12/2018 10:20:00
Margo Leach, Chief Product Officer (CPO) at AXELOS, a joint venture company between Capita plc. and the Cabinet Office, has been shortlisted in the Business Leader of the Year category in the 2019 Women in IT Awards.