High risk but low funding: How UK universities can do cybersecurity on a budget


According to recent research from the Department of Science, Innovation and Technology, over the past year, 85% of UK higher education institutions reported finding a cyber breach. This number is significantly higher compared to UK businesses — of which only 32% reported breaches. Perhaps what’s even more worrying is the frequency of higher ed breaches: half of higher ed institutions report experiencing weekly cyber attacks.

Why is higher education the most targeted for cyber threats?

Valuable research data. Universities hold large amounts of research data, making them especially vulnerable to having information held ransom by ransomware attacks. Additionally, with less budget, many universities are having to do less with more, including in their IT and cybersecurity departments, so security protections on research data is not always as strong as it could be in ideal circumstances.

Fewer resources. HM government estimates that there is a shortfall of 14,000+ cybersecurity personnel each year, and this problem is more acute at universities, which are vying with private sector companies (with deeper pockets) for cybersecurity specialists. Attackers are taking advantage of the fact that there’s a greater chance threats will go undetected at universities with smaller staff and resources.

What are the effects of cyber breaches at universities?

Financial impact. The global average cost of a data breach is $4.35 million. Especially when research data is the target, cyber breaches come with significant financial impact to universities. In these times when budgets have been slashed by inflation and student enrollment is volatile, research is a key revenue lifeline for many institutions. When that’s compromised by a cybersecurity breach, already strapped resources become tighter.

(Even more) resource strain. Each separate cyber breach requires additional staff time, leaders report. Institutions are having to hire more security staff, both to address the immediate problems, but to also develop new procedures after the attack. With less government funding than in the past, this budget strain becomes especially challenging for universities.

6 ways to tackle cybersecurity on a limited budget

1. Develop a cybersecurity strategy 

While this seems like a logical baseline, IT teams at universities are often pulled in many different directions and are constantly “fighting fire.” As a result, developing a forward-looking strategy is (rightfully) moved to the bottom of the to-do list. In fact, only 50% of higher education institutions in the UK say they have a cybersecurity strategy (compared to 70% of businesses).

If it’s possible, carve out some space and time to sit down with a cross-team working group to discuss your cybersecurity priorities and how various teams can play a role, even if it’s just spreading awareness and education to students, faculty, and staff.

For more guidance on creating your university’s cyber strategy, the NCSC has many helpful resources for public sector

2. Reduce data silos

Cybersecurity is a data problem. A data problem that is also solved with . . . data. Most universities struggle with data silos: different teams across the organisation use different tech solutions and are responsible for different types of data for different purposes.

As a result, there often isn’t one “single source of truth” that teams can turn to to see all their data in one place. When your university’s data is stored in one central, accessible, and searchable platform, you reduce the likelihood of harboring hiding places where cyber threats can go undetected for long periods of time.

Download this checklist for more suggestions on unifying your data.

3. Automate as much as possible

Stretch your team’s brainpower by leveraging automation tools wherever you can. Automate security workflows and repetitive steps so that your team can spend their already-packed days on problems that require human creativity and problem solving instead of rote repetition. You can start with built-in actions and develop custom responses as needed.

Elastic® Security enables you to thwart ransomware, malware, and other attack types using behavioral analytics and machine learning.

Learn more about automated threat protection.

4. Consider an open, community-based approach

Open security leverages community and collaboration to bring transparency to security. It has the potential to transform the cybersecurity industry by bringing security practitioners together to create a more resilient response to enterprise threats. 100% of higher education leaders say they’re looking for external guidance on cybersecurity. Take advantage of resources such as communities built around open software. For example, Elastic’s Security Labs analysts can leverage Elastic’s open technology foundation to conduct research on emerging threats and how to prevent them.

Read more about the value of open security.

5. Consolidate your security tools

Lots of universities are struggling with using multiple, siloed tools for security — a problem frequently reported among the larger public sector community. According to a study from Workday, 80% of government leaders say that integrating siloed data is the most important factor in making better real-time decisions.

As much as you can, try to consolidate so you can reduce those hiding spots for cyber threats. Elastic Security enables universities to protect, investigate, and respond to complex threats by unifying SIEM (security information and event management), endpoint security, and cloud security. The good news is that using one solution for multiple purposes can considerably reduce staff training and increase team collaboration.

Learn more about Elastic Security.

6. Take tool consolidation one step further

If you centralise your data into one central system, as mentioned in #2 above, that data can be used for many purposes. Elastic Security is built on top of the powerful, AI-backed Elasticsearch® platform, so once your data is in the platform you can leverage its capabilities, such as being able to find all your information via one query. You can also layer on Elastic Observability to get even more functionality out of the Elasticsearch platform.

Read more about tool consolidation for public sector.

Learn more about higher education cybersecurity

Read the white paper Cybersecurity for Higher Education: How UK universities can defend against escalating threats.