All University web hosted services will be at risk of downtime every Tuesday between 7am to 9am.

Jump to accessibility statement Skip to content
Close menu

Close

Close menu

University’s Current Position


Techical Services / Cyber Security and Information Governance / Cyber Security / Cyber Security Strategy / University’s Current Position
Lp5

Cyber Security Strategy

The Cyber Security Strategy aims to assess, protect and manage the ever-increasing business risks and threats that are posed to the University in the digital world and by doing so will help to ensure our staff, students and partners are protected throughout their journey with the University.

University’s Current Position

With the ever-increasing digital footprint needed for delivering learning and teaching as well as improving staff efficiency through the use of technology, the University embarked on a multi-year IT Security Programme to improve the cyber security posture of the institution. The programme launched in 2014 and identified that the cyber security maturity of the University was lower than desired and offered a number of key areas for development. The programme will run until 2020 and underpins the activities of the Cyber Security Strategy moving forward.

A number of key elements have already been achieved through the programme;

  • Vulnerability assessments using an enterprise toolset on our core infrastructure to identify threats and allow the removal of these or mitigate against risks that are posed to the institution.

  • Supply chain security and privacy assessments to understand the risk and security controls that are in place when working with external suppliers hosting University information.

  • Dedicated cyber staff resource that is the technical lead and one of the key strategic identities on all cyber security related issues across the University.

    • Improved knowledge and understanding of cyber security concerns across certain parts of the business.

Much progress has been made; key challenges remain especially around awareness, education and cultural change. The University has completed a Cross-Institutional Review in 2017 with the outcome of harmonising service areas to improve efficiency. This provides opportunities to start and address challenges around individual cultural and operational changes for staff. A general lack of education and awareness of cyber threats means the University is in a constant reactive position to any cyber threat or risk that it faces as an institution.

We are able to address these challenges and put us in a better position for the future. This can be achieved through the Cyber Security Strategy and the subsequent frameworks and programmes that support this along with continued Executive support and a cultural change within the University.