The proportion of UK universities achieving Cyber Essentials certification has hit 40%, almost treble the percentage of a year ago.
The National Cyber Security Centre (NCSC), which runs the certification scheme for meeting basic cyber hygiene requirements, has highlighted the progress as an important element in the sector strengthening its capability to defend itself.
It said the trend has been revealed in the latest annual Cyber Security Posture Survey by Jisc, the not-for-profit provider of technology services to the higher education sector.
It shows that, along with to the progress in certification, nearly three-quarters of higher education providers have now recruited staff for dedicated cyber security roles, and 66% have a strategic cyber security lead. In addition, cyber security has risen up institutions’ agendas as a strategic issue, and that proactive management of the threats has become a greater priority.
Encouraging
Sarah Lyons, deputy director for economy and society at the NCSC, said: “It is extremely encouraging to see such a significant rise in universities and colleges investing in their cyber security.
“Given the NCSC assessment that it is a realistic possibility that the cyber threats facing universities will increase, we will continue to work closely with the education sector to enable more institutions to achieve this industry recognised standard.”
But the report also reveals less encouraging trends. These include human error remaining as a major risk, that not all organisations have formalised 24/7 cover – instead depending on the goodwill of staff to respond – and that procedures not being followed remains a significant issue.
Earlier this year Jisc released its first threat assessment for universities, highlighting different threats and the steps that can be taken to counter them. This highlighted a survey of universities’ IT and security staff showing that only 15% scored their organisation as eight or more out of 10 for being well protected. The mean score was 5.9.
In the NCSC’s 2019 Annual Review, academia appeared second in the list of top five sectors which received the most support from the organisation’s Incident Management team.
Image from iStock
