Cyber security has long been a challenge for universities, and demonstrating that you take it seriously is now a prerequisite of grant funding and government contract applications. The introduction of the EU General Data Protection Regulation (GDPR) has increased the importance of cyber security and data protection. However, many universities continue to leave themselves vulnerable, and the number of recorded cyber attacks has doubled in recent years.
Cyber criminals often use social engineering tricks to access and compromise systems, manipulating people into opening scam emails, downloading malicious files or visiting fraudulent websites. The impact can be catastrophic, but risks can be vastly reduced through staff and student awareness training.
The government is working to reduce the level of cyber security risk along its supply chain and expects organisations applying for government contracts – including universities applying for research grants – to hold Cyber Essentials Plus certification.
1. Protecting what you have
GDPR training and staff awareness
Our GDPR training courses offer a structured learning path to equip your staff with the specialist knowledge and skills needed to deliver GDPR compliance within your university. Our training courses are available in a range of different formats such as online courses, distance learning, or classroom options, to suit your needs.
Learn more about GDPR training
Shop all GDPR training
Whether it be testing your applications, networks, employees or your team, we offer a range of services that will arm you with new ways to strengthen your university's security posture against cyber threats, as well as meet the requirements of the latest standards and regulations.
Learn more about security testing
Shop all security testing products and services
Data protection impact assessments (DPIA)
This one-day workshop covers when to conduct a DPIA under the GDPR, and uses a real-life case study to demonstrate best practices and methodologies, including the application of a DPIA tool to help assess and address privacy risks.
Learn more about DPIAs
Shop all data protection products and services
PCI DSS (Payment Card Industry Data Security Standard)
The PCI DSS (Payment Card Industry Data Security Standard) is administered by the PCI SSC (Security Standards Council) to decrease payment card fraud across the Internet and increase payment card data security. It is common practice for a university to accept, store, transmit or process cardholder data, meaning you must comply with the PCI DSS.
Learn more about the PCI DSS
Shop all PCI DSS products and services
2. Protecting what you know
Penetration testing is a systematic process of probing for vulnerabilities within your applications and networks. It is essentially a controlled form of hacking in which the ‘attackers’ operate on your behalf to find the sorts of weaknesses that criminals exploit.
Learn more about penetration testing
Shop all penetration testing services
E-learning training for staff
E-learning is a cost-effective, flexible and efficient means of delivering staff awareness training to your staff. Our courses cover topics from PCI DSS, Information Security and GDPR in less than an hour.
Learn more about E-learning
Shop the full E-learning suite
We offer leading global consultancy across a variety of subjects, IT governance, risk management and compliance solutions. We advise global businesses on their most critical issues and present cost-saving and risk reducing solutions based on international best practice and frameworks.
Learn more about IT Governance consultancy
Shop all consultancy solutions
3. Demonstrating your protections
The Cyber Essentials scheme is a world-leading, cost-effective assurance mechanism for companies of all sizes to help demonstrate to customers and other stakeholders that the most important cyber security controls have been implemented. The scheme provides five security controls that, according to the UK government, could prevent “around 80% of cyber attacks”.
Learn more about the Cyber Essentials Scheme
Shop all Cyber Essentials products and services
ISO 27001 certification
ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes the requirements for an ISMS (information security management system). Achieving accredited certification to ISO 27001 provides an independent, expert assessment that information security is managed in line with international best practice and business objectives.
Learn more about ISO 27001 certification
Shop all ISO 27001 products an services