Protecting the reputation of UK Higher Education with your most valuable defence: your people

Updated: Dec 6, 2018

Digital transformation is a vital part of supporting growing student expectations of technology in higher education.


How can the higher education sector protect itself from and respond to a cyber-attack in the era of increased digital connectivity?


IQS’s discussion paper, Protecting the reputation of UK Higher Education with your most valuable defence: your people, addresses these concerns and provides practical guidance for those in universities responsible for cyber resilience:

Digital transformation is a vital part of supporting growing student expectations of technology in higher education.


Students want “anytime, anywhere” technology which matches their increasingly mobile and multi-device and multi-platform lives. However, the proliferation of connected devices and data increases the risks of cyber crime.

In 2015, the universities faced a “denial of service” attack on the sector’s JANET network, preventing access to digital services and causing serious disruption. University cyber security breaches have doubled in the past two years to 1,152, including a ransomware attack on University College London in 2017. Attacks present a significant threat to staff, alumni and students’ personal data, including dissertation materials and exam results, and institutions’ intellectual property and research data.


Serious cyber breaches and the level of attempted cyber-attacks reinforce the need for the higher education sector to improve its capabilities, not least with the full implementation of the EU’s General Data Protection Regulation (GDPR) from 25 May of this year.



IQS’ latest paper offers a way forward for universities with guidance on:

how to audit your university’s critical information and establish where your vulnerabilities are

identifying what controls, you have in place and what needs to change

transforming your organization’s cyber security and resilience culture.

It also provides a “roadmap for improvement”, illustrating how to:

get cyber resilience on the agenda of senior management

provide practical learning and guidance for your people to ensure they are cyber resilient

embed cyber resilience best practice among all staff – your best defence against cyber-attack


Please download the paper here: