Cyber security is a key priority area for Jisc and one that is evolving quickly. It is therefore important that we have a full understanding of our members' needs, expectations and current provision in this area, in order to provide relevant cyber security products and support.
Following surveys in both 2017 and 2018, a similar survey was run in 2019 to get an up-to-date picture from both HE and FE organisations on their cyber security posture and priorities. The findings will be used to inform effective roadmap development and product planning at Jisc over the coming years.
The report focuses on research around cyber security structure and operations, provision and threats.
Key findings include:
- When looking at all threats listed, phishing/social engineering and procedures not being followed remain the top listed threats for both sectors
- Despite evidence of increased investment in training (particularly for staff), human error remains a major problem and risk
- As a strategic issue, cyber security is increasingly high up the agenda
- Some organisations have formalised 24/7 cover, but response procedures are sometimes reliant on the goodwill and dedication of cyber security staff
- Perceptions of organisation protection have remained fairly static in HE and decreased in FE in the last year
- Whilst lots of changes and improvements have already been made to improve their posture, organisations have a desire and motivation to implement more
- Proactive management of cyber threats has become a greater priority
- Third party services/sources used to monitor emerging threats indicate that peer knowledge, sharing and collaboration play a crucial role in protection