Actu
UCL faced almost 60 million malicious email attacks: comments from Head of Fujitsu Cyber Security
April 2022 by Andy Robertson, Head of Fujitsu Cyber Security, Fujitsu UK&I
Following the news that the University College London (UCL) faced almost 60 million malicious email attacks in the first three months of 2022, I wanted to provide you with industry reaction from security expert, Andy Robertson, Head of Fujitsu Cyber Security, Fujitsu UK&I.
Below, Andy talks about the growing threat that universities face and the simple measures that can be implemented which should be part of their security DNA as they build-in new ways to serve their students.
Andy Robertson, Head of Fujitsu Cyber Security, Fujitsu UK&I said:
“Universities and research centres make for attractive targets to cyber criminals. They are often under resourced from a security perspective, and criminals are increasingly exploiting this concept – in fact, just last month, the Department for Digital, Culture, Media and Sport (DCMS) found that while 39% of businesses have identified breaches or attacks in the last 12 months, 93% of higher education had identified breaches or attacks in the last 12 months.
“Whilst universities have a balance to strike between functionality and security, there are some simple measures that can be implemented which should be part of their security DNA as they build-in new ways to serve their students.
“Going forward, universities need to offer the same protection and guarantees to their students as big companies do to their clients and customers. To do so means being able to identify equally sophisticated and proactive methods to protect themselves– both from a technical and people standpoint. For instance, organisations should review their high privilege accounts, who has access to them, and evaluate when the passwords were last changed. Technology, like a Privileged Access Management (PAM) solution, is an important security measure that organisations can place in front of system administration interfaces to manage and monitor high value systems and user accounts.
“And with employees and students working and studying in hybrid ways, meaning they regularly use their own devices and Wi-Fi, it’s critical they implement security tools such as Multi-Factor Authentication (MFA) and Conditional Access (CA) to data. These tools allow education institutions to set policies that control who can connect, where they can connect from and from what devices. However, technology can’t be the sole method of protection. Students and staff will always be the front line of defence. To stand the best chance of protection, they need to be given the tools and training to identify cyber criminals. Upskilling them and making them aware of the cyber threats will be one of the most effective ways to reduce the risk of cyber-attacks.”
