Cyber Security Strategy: Protecting Your College from Cyber Attack

More than three years ago, in March 2015, Jisc published its first cyber security strategy, covering the security products and services that we offered or were planning to deliver over the subsequent three years. While much changed over this period, we broadly met the objectives of this original strategy as we constantly revised our plans to meet the needs of our members.

For example, three years ago we hadn’t embarked on our DDoS mitigation programme, yet the security landscape and the need to protect our members better meant we had to quickly develop and implement a national solution to mitigate denial of service attacks. It needed to ensure secure and reliable network access for users and to also enhance the visibility of threats on the Janet Network – helping to increase security for the entire education and research sector.

One cyber security division

At that time cyber security within Jisc was scattered across different departments with operations and development as separate activities. Now, as we publish the next three year strategy, we do so under the auspices of a single cyber security division – formed to consolidate all of Jisc’s member-facing security products and service activities into one organisational structure to provide a coherent set of solutions.

This new strategy looks at how Jisc will work to protect our members and the Janet network from cyber attacks over the next three years (2018- 2021). This strategy has been informed by our members through multiple meetings with individual organisations, feedback from our annual cyber security conference and detailed analysis of responses to our annual cyber security posture survey.

More managed security services

In May last year we conducted our first ever cyber security posture survey among our members. This gave us valuable insight into our members’ security posture and requirements, providing us with a greater understanding of our members’ top security concerns and where you need most help.

The survey has now become an annual fixture to ensure we continuously deliver the cyber security products and services that meet your needs, which this year has seen an increased interest in us providing more managed security services: managed log aggregation and managed intrusion detection services are both of interest to HE and FE respondents.

To help meet this need we will undertake research with a view to implementing a managed security operations centre service for members by 2020, working with institutions to develop a unique sector offering to help protect them in an increasingly difficult environment, both from the number of attacks and the scarcity of skilled security personnel.

Digital forensics

Another key finding we are responding to is the significant growth in interest for digital forensics. This has jumped in priority for both FE and HE institutions, so we will continue to develop the Jisc security operations centre by recruiting and training skilled individuals. By the end of 2019 we will look to have developed our digital forensics capability to enable us to undertake more investigative work as part of ongoing incidents.

We expect the next three years to be as turbulent for cyber security as the last three, so we will continue to engage with you to ensure we are protecting you. Cyber threats are not going away and, as funding changes within the education and research sector, we will need to be more agile and innovative about how we all work together to address them.

John Chapman, Head of Jisc’s Security Operations Centre