Cyber Security Programme
What is Cyber Security?
Cyber security “refers to the protection of information systems (hardware, software and associated infrastructure), the data on them, and the services they provide, from unauthorised access, harm or misuse. This includes harm caused intentionally by the operator of the system, or accidentally, as a result of failing to follow security procedures.” [The UK National Cyber Security Strategy 2016-2021, HM Government, UK.]
The concept of cyber security is built on three main principles:
• Confidentiality - ensuring that information is only available to authorised users;
• Integrity - ensuring that information is accurate and fit for purpose;
• Availability - ensuring that information is available when and where it is needed.
Why do we need a Cyber Security programme?
The aim of the Cyber Security programme is to put in place measures that enhance the existing capability of the 5XÉçÇøÊÓƵ to protect itself from both deliberate cyber-attacks and accidental disruption to its services.
Cyber Security is a fundamental element of the 5XÉçÇøÊÓƵ’s digital strategy, ‘Ahead of the Digital Curve’, which places a significant focus on the continually enhanced and sophisticated levels of threat that face institutions in the Higher Education environment. The Cyber Security programme, which began in 2020 is the response to these threats.
What is included in the programme?
In keeping with the defence-in-depth strategy, the programme comprises around 20 projects of varying complexity that cover a broad range of matters that enhances existing cyber security capabilities with a focus on people, process and technology. These include:
- Cyber security training and awareness for staff and students
- Detecting, predicting and countering direct or accidental attacks
- Strengthening protection systems for higher risk assets
- Strengthening the security of the 5XÉçÇøÊÓƵ’s supply chain
- Improving and updating policies and processes to reflect current and emerging threats
- Enhancements to business continuity and disaster recovery planning to manage and recover from attacks and
- Implementing security audit recommendations.
Learn more
Visit our training and awareness page to see how you can play your part and help to reduce the risk to 5XÉçÇøÊÓƵ systems and data.