All Events and Webinars

Enhancing Data Security in Higher Education Institutions Webinar

Education and Research
Data Security and Privacy
Leadership and Resilience
Cloud and Infrastructure
Supply Chain and Third Party Risks
September 19, 2023
Show Notes
Timestamps
Universities face a constant tension between openness and security, making them uniquely difficult to protect. This session explores how institutions can manage real-world threats while supporting research, collaboration, and student access. Viewers will learn practical approaches to segmentation, governance, incident response, and awareness that reduce risk without undermining the core mission of education.

In-House Specialists

Ronan Murphy

Founder and Executive Chairman
View More

External Speakers

Justin Doyle

Deputy Director of ISS
View parter ecosystem

Gerard Culley

Director of IT
View parter ecosystem

Key Strategic Takeaways

Are Universities High-Value Targets With Built-In Complexity?

Higher education environments combine functions of government, enterprise, and research institutions, creating a broad attack surface with diverse data types and users. This makes them attractive not just for financial crime, but also for experimentation by attackers refining techniques across varied systems. Security strategies must accept this complexity and focus on managing risk across heterogeneous environments rather than trying to standardise everything.

Is Segmentation the Only Way to Balance Openness and Security?

Universities cannot apply strict controls universally without disrupting teaching and research, especially in BYOD-heavy environments. A zoning model, separating highly controlled “red zones” from more flexible “green zones”, allows institutions to protect sensitive data while preserving academic freedom. Effective segmentation, combined with identity controls and device trust, enables both security and usability without forcing a compromise between them.

Are Everyday Threats Persistent, Automated, and Well-Planned?

Institutions face constant threats including phishing, credential harvesting, invoice fraud, and exploitation of vulnerable web systems. Many attacks are automated at scale, with human operators stepping in once access is established, making early detection critical. Defence requires continuous monitoring, rapid response to anomalies, and strong identity protection to reduce the likelihood of initial compromise.

Is Security an Organisational Responsibility and Not Just IT?

Regulatory pressure and real-world incidents are pushing universities toward shared accountability models, where data protection, IT, leadership, and departments all play a role. Initiatives like embedded “data champions” help distribute responsibility and align security practices with daily operations. Building a strong security posture depends as much on governance and culture as on technical controls.

Must Resilience Planning Assume Long-Term Disruption?

Modern cyber incidents can render systems unusable for extended periods, making traditional disaster recovery assumptions insufficient. Universities must plan for continuity of teaching, payroll, and critical services even when core systems are offline. Resilience strategies should include scenario testing, rapid deployment of clean environments, and the ability to operate in degraded modes while recovery is underway.

No items found.
  • 00:01 Introduction to data security challenges in higher education
  • 01:27 Why universities are highly targeted and resemble complex nation-state environments
  • 02:53 Core challenge: protecting sensitive data while preserving open learning and research
  • 05:52 Debate on whether academic culture still resists strong security controls
  • 08:58 Common attacks in universities: invoice fraud, WordPress compromise, endpoint malware, and credential harvesting
  • 14:04 Regulation, compliance pressure, and the gap between legal obligations and technical controls
  • 16:18 Building security culture through awareness, training, and shared responsibility
  • 20:50 How DCU handles data protection governance and incident response ownership
  • 25:15 Practical examples of cross-functional collaboration on cloud risk and cyber resilience planning
  • 31:53 Student risk, BYOD, segmentation, and protecting sensitive institutional systems
  • 35:32 Third-party supplier risk and the need for stronger cyber due diligence
  • 44:02 AI in education, ChatGPT, and adapting assessment models instead of trying to ban new technology
Watch More
Security Operations

Protecting Critical Infrastructure | Palo Alto & Smarttech247 on Cyber Resilience

Smarttech247 and Palo Alto discuss the increasing cyber threats targeting critical infrastructure and essential services.
Watch Now

Seasonal Cybersecurity Risks for Transport Webinar

Smarttech247 leaders discuss transportation cybersecurity, focusing on OT security, digital twins, evolving threats, third-party risk, and resilience.
Watch Now

HSE Ransomware Attack and the Future of Cybersecurity in Ireland

Cybersecurity leaders discuss HSE ransomware attack and a path forward for Ireland, focusing on resilience, regulation, maturity models, and public awareness
Watch Now

Ready to scale your security and compliance operations?

We protect your on-premise/cloud/OT environments - 24x7x365

Talk to Our Experts