Skip to main content

Uncovering the biggest cyber-threats in higher education

Ahead of the Jisc Security Conference on Tuesday 21 and Wednesday 22 November, Softcat and Trend Micro provide insight and solutions to the biggest threats faced by UK higher education institutions


higher education tech

The education sector has long been a magnet for both financially motivated cybercrime and even state-sponsored activity. Universities and colleges in particular, offer a treasure trove of staff and student data and potentially lucrative research material—to steal, encrypt and/or ransom. Defending these networks begins with understanding how they are compromised. That’s where higher education (HE) IT service provider Jisc comes in. Since 2017, the non-profit has been conducting research into security posture in the sector.

Softcat and Trend Micro's dedicated higher education teams are excited to announce a presence at the upcoming Jisc Security Conference on Tuesday 21 and Wednesday 22 November at the ICC in Newport, Wales (and online on Thursday 23 November). We’d love for you to visit us at Stand 18 during the event. It’s a valuable opportunity to engage in meaningful discussions regarding cyber security within HE, and to gain firsthand insights into how these areas are influencing and impacting your organisation.

The top three HE concerns

Ahead of the upcoming security conference, Softcat and Trend Micro have been reviewing data from Jisc’s 2022 cyber security posture report to identify the challenges UK HE institutions are facing and how we can help. The report is compiled in part from interviews with and survey results from dozens of senior IT and security staff working in UK universities. Their top three cybersecurity concerns were highlighted as follows:



Weighted Score 


Ransomware / Malware



Phishing / Social Engineering 



Unpatched Security Vulnerabilities 



This data is backed up by the findings from the UK government’s Cyber security breaches survey 2023 – education institutions annex, which identifies that 100% of HE institutions surveyed had experienced a phishing attack in the previous 12 months. That compares to 79% of corporate businesses. It also reveals that 64% of HE institutions experienced a malware-based attack, versus just 11% of businesses. Let’s take a deeper look into these top three security concerns…

1)     Ransomware and malware

Although just 9% of HE institutions claimed to have experienced a ransomware attack in the past 12 months, even fewer businesses (4%) said the same, according to the government study. It takes just one misplaced click or stolen credential to potentially compromise a HE network. The impact of ransomware can be catastrophic, leading to service disruption, reputational damage and financial loss. Threat actors know universities have a low tolerance for downtime, especially around exam and enrolment time, and will focus their attacks accordingly.

2)     Phishing and social engineering

Trend Micro produces an annual email threat landscape report using data from their Cloud App Security product, which is designed to catch highly evasive and complex threats that fool Microsoft 365 defences. The table below shows why even education institutes with a Microsoft A5 agreement should be looking at defence in depth when it comes to email protection:

When it comes to mitigating phishing threats, universities need to deploy both technical measures and end-user education programmes. The latter can turn arguably the weakest link in the security chain into a fantastic last line of defence. Trend Micro recommends that all organisations run regular simulated phishing campaigns and follow-up sessions based on the results from these simulation exercises.

All attendees at the Jisc Security Conference 2023 will be entitled to a two-month trial of the premium version of Trend Micro Phish Insight to help kick-start an end user education programme.

1)     Unpatched vulnerabilities

The third biggest concern for UK HE institutions is unpatched vulnerabilities. Patching is often challenging for the sector, given that most organisations have large estates of legacy technology. This has likely become an even bigger issue in the past month, with Windows Server 2012 reaching end of support. Yet even with supported operating systems, there can be a lengthy window between patches being released and deployed onto university endpoints. This is due to change control processes and the challenges around rebooting live systems in a 24x7 environment. This is where virtual patching can help by protecting systems from known and unknown threats, giving universities more breathing space to patch and upgrade at their own pace. 

If you’d like to find out more about how Softcat and Trend Micro can help to support your organisation, please visit us at stand 18 at the Jisc Security Conference. Additionally, you can visit Softcat’s Education Hub to discover the wide range of unique and tailored support services we offer HE institutions.

We’d also like to invite you to join us at our next collaborative webinar with Trend Micro – Accelerate your business with AWS Marketplace: Public Sector. Taking place on Wednesday 29 November at 10:00 (GMT), the webinar will focus on the value of procuring through AWS Marketplace, via Softcat.