Cyber security

To help you get the most from your Jisc membership, we work to protect the Janet Network and connected organisations

16 questions you need to ask to assess your cyber security posture (pdf)

As technology becomes more complex and threats more sophisticated, it’s a challenge to keep your online environment and physical infrastructure secure.

Acting as a trusted partner and critical friend, we can help support you through these challenges with our range of services and in-house expertise.

Ten steps to cyber security

The National Cyber Security Centre’s (NCSC) ten steps to cyber security breaks down the task of defending your networks, systems and information into its essential components. Working in partnership with the NCSC, we’ve matched our key member services to those ten steps.

Risk management regime

Defining and communicating your board’s information risk management regime is central to your organisation’s overall cyber security strategy.

Cyber security assessment
Evaluate, analyse and improve your cyber security – to meet audit and compliance needs.

Penetration testing
Evaluate and improve the security of member systems or networks – by simulating real-world attacks.

User education and awareness

Users have a critical role to play in your organisation’s security. Awareness programmes and training help establish a security-conscious culture within your organisation.

Phishing framework 
Helps users safely experience what an attack might look like, along with related security training so they understand wider risks and know what to do if they suspect an issue.

Network security

Protect your network from attack, defend the perimeter and filter out unauthorised access and malicious content.

Critical services protection
Protect your business-critical services with fast, focused, and out-of-hours coverage – giving you extra peace of mind.

Foundation DDoS
Mitigate disruption to your Janet connection and avoid inconvenience, financial loss or reputational damage.

Secure configuration

Apply security patches and ensure the secure configuration of all systems is maintained.

Vulnerability assessment service and tools supply framework
Helping you choose a strategy to detect and assess vulnerabilities within your IT estate, so you can manage your security risks, compliance and quality.

Cyber Essentials
A trusted way to gain and renew Cyber Essentials certification, helping to make sure vital security precautions are in place.

Malware prevention

Produce relevant policies and establish anti-malware defences across your organisation. 

Janet Network resolver
Uses independent analysis and research on malware and phishing attacks to adapt to emerging and evolving threats.

Vulnerability assessment service and tools supply framework
Helping you choose a strategy to detect and assess vulnerabilities within members' IT estates.

Incident management

Establish an incident response and disaster recovery capability. Test your incident management plans within your organisation and report criminal incidents to law enforcement agencies.

Safeguards your current and future computer security. By monitoring and resolving security incidents that occur on the Janet Network, we can share intelligence and advice to help keep your own networks safe.

Janet Network resolver
Advanced protection, with the performance and capacity to meet the needs of all Janet Network connected organisations.


Establish and implement a monitoring strategy and produce supporting policies. Analyse logs for unusual activity that could indicate an attack.

Allows you to optimise your organisational performance, identify threats, and provide real-time insights into your infrastructure and services by automating the collection, indexing and alerting of your machine data.

Managed SIEM
Members have told us they want a SIEM to help with proactively managing cyber security threats. Managed SIEM meets this need and removes the difficulties education and research organisations often face when they want to implement, manage and maintain a SIEM solution.

Managing user privileges

Establish effective management processes and limit the number of privileged accounts. Monitor activity and audit logs.

Web filtering and monitoring solutions 
Enables you to apply age-appropriate or role-required web use policies with the most appropriate technology and toolset for your organisation.

Secure your users, check for inactive accounts and control access to your data and services with our Splunk Enterprise core licence packages.

Home and mobile working

Develop a mobile working policy and train staff to adhere to it. Apply secure baseline builds to all devices. Protect data in transit and at rest.

Information security policies training course 
Allows you to examine the origin of risks in behaviours, processes, physical, technical and environmental factors; and consider how policies can be used to mitigate and manage the risks.

Cyber Essentials
A government-backed scheme that helps you identify the key risks associated with remote working and gives peace of mind that you’ve put essential security protections in place.

Removable media controls

Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. Establish policies and practices which prevent this from happening within your organisation.

Cyber security assessment 
Helps you evaluate, analyse and improve your cyber security – to meet audit and compliance needs.

Cyber Essentials
Helps identify appropriate policies for granting access and patching third party-provided devices allowed to connect to your network, such as a member of staff’s personal mobile phone.

Monitor your network activity

View DDoS mitigation data and traffic on your Janet Network connection through our cyber security portal.

Visit the cyber security portal

An easy route to procurement

We are an approved supplier on the Crown Commercial Service dynamic purchasing system (DPS). This provides a simple and trusted way for public sector buyers and our members to procure Jisc cyber security services.

Find out more on the Crown Commercial Service website

Networkshop50, 8-10 June 2022

Scalable, connected, and resilient - make sure your network strategy is ready for the future. Networkshop50 will explore agile connectivity, cloud as an enabler and cyber security risk elevation.

Find out more and book your place