Over the last couple of years, a long line of industry experts have been quoted in the media explaining why the UK education sector is a target for cyber-attackers, and ready with guidance on how schools, colleges and universities should protect themselves.
While the advice is usually sound, it’s wrong to imply education is any more a target than other sectors. I also take issue with some of the more alarmist language: for example, just this month, one US cyber-security solutions provider chief information security officer unhelpfully described academic institutions as “sitting ducks”.
It’s irresponsible to pick out particular organisations or sectors as easy targets. The statement is also sweeping and inaccurate because it does not represent reality in the UK. I know this because, as the UK tertiary education sector’s expert digital body, Jisc has access to excellent information sources on the topic of cyber-security at colleges and universities.
