Cybersecurity in UK Universities: mapping (or managing) threat intelligence sharing within the higher education sector

IF 2.9 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY
Anna Piazza, Srinidhi Vasudevan, Madeline Carr
{"title":"Cybersecurity in UK Universities: mapping (or managing) threat intelligence sharing within the higher education sector","authors":"Anna Piazza, Srinidhi Vasudevan, Madeline Carr","doi":"10.1093/cybsec/tyad019","DOIUrl":null,"url":null,"abstract":"Abstract Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cybersecurity to collaborate as well as the factors that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers.","PeriodicalId":44310,"journal":{"name":"Journal of Cybersecurity","volume":"22 1","pages":"0"},"PeriodicalIF":2.9000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1093/cybsec/tyad019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

Abstract Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cybersecurity to collaborate as well as the factors that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers.
英国大学的网络安全:绘制(或管理)高等教育部门的威胁情报共享
高等教育最近被英国国家网络安全中心(NCSC)确定为关注的一个部门。2021年,NCSC报告称,大学和高等教育机构(HEI)成为网络犯罪分子的目标。在全球大流行期间,当大学努力通过严重依赖其数字资产和服务的混合和远程教学提供继续发挥作用时,现有的挑战被放大或突出。尽管该行业价值巨大,也存在漏洞,但高等教育受到网络安全研究界的关注相对较少。在两年多的时间里,我们与英国高等教育部门进行了多次干预和合作。通过与该行业的网络安全从业人员的访谈,以及圆桌会议和问卷调查,我们对威胁情报共享进行了定性和定量分析,并将其作为衡量和分析合作的代理。在研究网络安全协作的独特方法中,我们利用了社会网络分析。本文介绍了我们对英国大学网络安全状况的研究和发现。它还提出了一些建议,为未来的步骤,我们认为是必要的装备高等教育部门继续支持英国的国家利益向前发展。主要发现包括大学网络安全工作人员合作的积极倾向以及阻碍这种合作的因素。这些问题包括管理和保险方面的限制、对个人和机构声誉受损的担忧、缺乏可信任的关系以及缺乏有效的部门合作机制或渠道。就网络本身而言,我们发现它是高度碎片化的,活跃的可能连接的数量非常少,我们期望在网络中促进合作的组织都没有发挥重要作用,一些大学目前正在发挥关键的信息桥梁作用。由于这些原因,可能由Jisc、UCISA等部门机构或NCSC等政府机构领导的任何更改都需要通过这些信息代理。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Cybersecurity
Journal of Cybersecurity SOCIAL SCIENCES, INTERDISCIPLINARY-
CiteScore
6.20
自引率
2.60%
发文量
0
审稿时长
18 weeks
期刊介绍: Journal of Cybersecurity provides a hub around which the interdisciplinary cybersecurity community can form. The journal is committed to providing quality empirical research, as well as scholarship, that is grounded in real-world implications and solutions. Journal of Cybersecurity solicits articles adhering to the following, broadly constructed and interpreted, aspects of cybersecurity: anthropological and cultural studies; computer science and security; security and crime science; cryptography and associated topics; security economics; human factors and psychology; legal aspects of information security; political and policy perspectives; strategy and international relations; and privacy.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信