Cyber security

To help you get the most from your Jisc membership, we work to protect the Janet Network and connected organisations

As technology becomes more complex and threats more sophisticated, it’s a challenge to keep your online environment and physical infrastructure secure.

Acting as a trusted partner and critical friend, we can help support you through these challenges with our range of services and in-house expertise.

Ten steps to cyber security

The National Cyber Security Centre’s (NCSC) ten steps to cyber security breaks down the task of defending your networks, systems and information into its essential components. Working in partnership with the NCSC, we’ve matched our key member services to those ten steps.

Risk management regime

Defining and communicating your board’s information risk management regime is central to your organisation’s overall cyber security strategy.

BS31111 cyber risk and resilience audit and assessment
A top-down approach to managing cyber risk, helping leaders to understand risks, mitigate them and stay resilient.

Penetration testing
Evaluate and improve the security of member systems or networks – by simulating real-world attacks.

User education and awareness

Users have a critical role to play in your organisation’s security. Awareness programmes and training help establish a security-conscious culture within your organisation.

Phishing framework 
Helps users safely experience what an attack might look like, along with related security training so they understand wider risks and know what to do if they suspect an issue.

Critical services protectionNew
Protect your business-critical services with fast, focused, and out-of-hours coverage – giving you extra peace of mind.

Network security

Protect your network from attack, defend the perimeter and filter out unauthorised access and malicious content.

Penetration testing 
Allows you to evaluate and improve the security of your system or network by simulating real-world attacks.

Simulated phishing and associated training framework
Reduce the risks from phishing and related attacks by giving users the skills and awareness to spot threats.

Secure configuration

Apply security patches and ensure the secure configuration of all systems is maintained.

Vulnerability assessment service and tools supply frameworkNew
Helping you choose a strategy to detect and assess vulnerabilities within your IT estate, so you can manage your security risks, compliance and quality.

Cyber EssentialsNew
A trusted way to gain and renew Cyber Essentials certification, helping to make sure vital security precautions are in place.

Malware prevention

Produce relevant policies and establish anti-malware defences across your organisation. 

Janet Network resolver 
Uses independent analysis and research on malware and phishing attacks to adapt to emerging and evolving threats.

Vulnerability assessment service and tools supply frameworkNew
Helping you choose a strategy to detect and assess vulnerabilities within members' IT estates.

Incident management

Establish an incident response and disaster recovery capability. Test your incident management plans within your organisation and report criminal incidents to law enforcement agencies.

CSIRT 
Safeguards your current and future computer security. By monitoring and resolving security incidents that occur on the Janet Network, we can share intelligence and advice to help keep your own networks safe.

Janet Network resolver
Advanced protection, with the performance and capacity to meet the needs of all Janet Network connected organisations.

Monitoring

Establish and implement a monitoring strategy and produce supporting policies. Analyse logs for unusual activity that could indicate an attack.

Splunk 
Allows you to optimise your organisational performance, identify threats, and provide real-time insights into your infrastructure and services by automating the collection, indexing and alerting of your machine data.

BS 31111 audit and assessment
A top-down approach to managing cyber risk, using the BS 31111:2018 standard.

Managing user privileges

Establish effective management processes and limit the number of privileged accounts. Monitor activity and audit logs.

Web filtering and monitoring solutions 
Enables you to apply age-appropriate or role-required web use policies with the most appropriate technology and toolset for your organisation.

Splunk
Secure your users, check for inactive accounts and control access to your data and services with our Splunk Enterprise core licence packages.

Home and mobile working

Develop a mobile working policy and train staff to adhere to it. Apply secure baseline builds to all devices. Protect data in transit and at rest.

Information security policies training course 
Allows you to examine the origin of risks in behaviours, processes, physical, technical and environmental factors; and consider how policies can be used to mitigate and manage the risks.

Cyber security financial X-ray
A transparent overview of cyber security costs to help assess levels of protection and identify vulnerabilities.

Removable media controls

Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. Establish policies and practices which prevent this from happening within your organisation.

Cyber security assessment 
Helps you evaluate, analyse and improve your cyber security – to meet audit and compliance needs.

Web filtering and monitoring framework
A range of web filtering and monitoring solutions enabling members to apply web use policies.

Monitor your network activity

View DDoS mitigation data and traffic on your Janet Network connection through our cyber security portal.

Visit the cyber security portal

An easy route to procurement

We are an approved supplier on the Crown Commercial Service dynamic purchasing system (DPS). This provides a simple and trusted way for public sector buyers and our members to procure Jisc cyber security services.

Find out more on the Crown Commercial Service website