All University web hosted services will be at risk of downtime every Tuesday between 7am to 9am.

Jump to accessibility statement Skip to content
Close menu

Close

Close menu

Executive Summary


Techical Services / Cyber Security and Information Governance / Cyber Security / Cyber Security Strategy / Executive Summary
Lp5

Cyber Security Strategy

The Cyber Security Strategy aims to assess, protect and manage the ever-increasing business risks and threats that are posed to the University in the digital world and by doing so will help to ensure our staff, students and partners are protected throughout their journey with the University.

University’s Current Position

The strategy’s main aim and purpose is to significantly improve the cyber security position of the University in a number of key areas. These areas have been defined within the six main objectives of the strategy. These objectives are;

  • Increase cyber awareness across the institution at all levels to facilitate a cultural change to ensure people are continually aware of the business threats and change their perspective on responsibilities around cyber security.
  • Change our operating model to be more proactive in identifying and dealing with business risks from cyber threats.
  • Make significant, value-driven changes to our infrastructure to implement the defence in depth (onion model) approach. The aim is to reduce our attack surface through the introduction of technology and limit the effect an attack will have on us as an institution.
  • Improve our response and recovery ability to cyber incidents including testing for all known and likely eventualities.
  • Introduce a cyber-security framework that sets the guidelines and governance obligations required to align our development and operational activities to the cyber security strategy.
  • Continued Executive support and engagement to ensure cyber security remains a present and visible priority within the University.

Much progress has been made in areas of Cyber Security at the University through the introduction and associated work of the IT Security Programme which underpins the Strategy moving forward. However, key challenges remain, particularly in the areas of awareness & education, cultural change and a proactive operating model. The strategy objectives are focused on these challenges and the vision for the future in 2021.

The strategy will be delivered through five theme areas. These themes make up the Cyber Security Lifecycle focusing on specific deliverables to meet the objectives. The five themes are; 

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

The delivery of the strategy using the five themes as a focus point will improve the cyber security position of the University to be more secure, informed, aware, proactive and responsive which is the vision for 2021. As the University’s digital footprint ever increases so, does the cyber threat and the future beyond 2021 is unknown. However, with continued investment and support in cyber security the institution will be in a positive position moving forward.