Skip navigation

Cybersecurity in UK universities: mapping (or managing) threat intelligence sharing within the higher education sector

Cybersecurity in UK universities: mapping (or managing) threat intelligence sharing within the higher education sector

Piazza, Anna ORCID: 0000-0002-5785-6948 , Vasudevan, Srinidhi ORCID: 0000-0002-8584-9112 and Carr, Madeline (2023) Cybersecurity in UK universities: mapping (or managing) threat intelligence sharing within the higher education sector. Journal of Cybersecurity, 9 (1). pp. 1-15. ISSN 2057-2085 (Print), 2057-2093 (Online) (doi:

PDF (Publisher VoR)
44492_PIAZZA_Cybersecurity_ in_UK_Universities_Mapping_or_managing_threat_intelligence (1).pdf - Published Version
Available under License Creative Commons Attribution.

Download (1MB) | Preview


Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cyber security to collaborate as well as the factor s that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers.

Item Type: Article
Uncontrolled Keywords: cybersecurity; higher education; university; social network analysis; collaboration; threat intelligence sharing
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD61 Risk Management
L Education > LB Theory and practice of education > LB2300 Higher Education
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Business
Last Modified: 19 Oct 2023 11:58

Actions (login required)

View Item View Item


Downloads per month over past year

View more statistics