Abstract
In recent years, all aspects of human life have become more and more dependent on the internet. This level of growing dependency for all purposes has led to a considerable number of cybercrimes resulting in innovative and dynamic attacks. Universities in recent years have not been immune to these incidents and Higher Education (HE) institutions are increasingly prone to cyberattacks as threat actors target the wealth of personal, financial, research and intellectual data universities possess. Although a lot of research has been undertaken on the impact of security breaches or incidents across a wide range of industries, there is limited literature on incidents affecting universities. Often, cyber security is regarded as the domain of IT specialists, with senior management and organisations not fully equipped to deal with the risks and attacks. It is becoming increasingly important to acknowledge that cyber security is not limited to the IT department but needs to be managed across an entire organisation. By analysing data previously collected by the Cyber Security Division of Jisc - the organisation that provides digital solutions for UK education and research, this research explores the cyber security of HE institutions. The original data set was complemented with network data from Jisc’s Janet network, including Denial of Service attack data, and from open source data from web searches and published university league tables and other UK status rankings. The quantitative analysis of the data allowed for the understanding of the challenges universities face and the factors that impact the severity of cyberattacks within the institutions. This research aims to determine if the posture of a university i.e. managerial, organisational and strategic aspects of an institution has an impact on the cyberattacks. It investigates the type and severity of attacks or breaches at institutions and whether there is a difference in number or severity if they have an information security certification. It further explores the institutional spend on security controls and evaluates the structure of the security team versus severity of attacks/breaches.
Original language | English |
---|---|
Title of host publication | The Severity of Cyber Attacks on Education and Research Institutions: Function of their Security Posture |
Subtitle of host publication | 13th International Conference on Cyber Warfare and Security |
Editors | Jim Q. Chen, John S. Hurley |
Place of Publication | United Kingdom |
Pages | 111-119 |
Number of pages | 9 |
Volume | 2018-March |
Publication status | Published - 1 Jan 2018 |
Event | 13th International Conference on Cyber Warfare and Security, ICCWS 2018 - , United States Duration: 8 Mar 2018 → 9 Mar 2018 |
Conference
Conference | 13th International Conference on Cyber Warfare and Security, ICCWS 2018 |
---|---|
Country/Territory | United States |
Period | 8/03/18 → 9/03/18 |
Keywords
- Cyber resilience
- Cyber security
- Cyber security management
- Education
- Higher education institutions