Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cybersecurity to collaborate as well as the factors that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers.

中文翻译：

---

英国大学的网络安全：绘制（或管理）高等教育部门内的威胁情报共享

高等教育最近被英国国家网络安全中心（NCSC）确定为关注的领域。2021 年，NCSC 报告称，大学和高等教育机构 (HEI) 成为网络犯罪分子的指数级目标。在全球大流行期间，当大学难以通过严重依赖其数字资产和服务的混合和远程教学继续发挥作用时，现有的挑战被放大或凸显。尽管该行业具有价值且存在漏洞，但高等教育受到网络安全研究界的关注相对较少。两年多来，我们对英国高等教育部门进行了多次干预和接触。通过对该行业网络安全从业人员的采访以及圆桌会议和问卷调查，我们对威胁情报共享进行了定性和定量分析，并将其用作衡量和分析协作的代理。在研究网络安全协作的独特方法中，我们利用了社交网络分析。本文介绍了有关英国大学网络安全状况的研究和我们的发现。它还提出了一些关于未来步骤的建议，我们认为这些建议对于使高等教育部门继续支持英国未来的国家利益是必要的。主要调查结果包括大学网络安全工作人员积极合作的倾向以及阻碍合作的因素。其中包括管理和保险限制、对个人和机构声誉损害的担忧、缺乏信任关系以及缺乏有效的部门合作机制或渠道。就网络本身而言，我们发现它高度分散，活跃的可能连接数量极少，我们期望促进网络协作的组织都没有发挥重要作用，并且一些大学目前正在采取行动作为关键的信息桥梁。出于这些原因，任何可能由 Jisc、UCISA 等部门机构或 NCSC 等政府机构领导的变革都需要通过这些信息经纪人。缺乏有效的部门协作机制或渠道。就网络本身而言，我们发现它高度分散，活跃的可能连接数量极少，我们期望促进网络协作的组织都没有发挥重要作用，并且一些大学目前正在采取行动作为关键的信息桥梁。出于这些原因，任何可能由 Jisc、UCISA 等部门机构或 NCSC 等政府机构领导的变革都需要通过这些信息经纪人。缺乏有效的部门协作机制或渠道。就网络本身而言，我们发现它高度分散，活跃的可能连接数量极少，我们期望促进网络协作的组织都没有发挥重要作用，并且一些大学目前正在采取行动作为关键的信息桥梁。出于这些原因，任何可能由 Jisc、UCISA 等部门机构或 NCSC 等政府机构领导的变革都需要通过这些信息经纪人。我们期望促进网络合作的组织都没有发挥重要作用，一些大学目前正在充当关键的信息桥梁。出于这些原因，任何可能由 Jisc、UCISA 等部门机构或 NCSC 等政府机构领导的变革都需要通过这些信息经纪人。我们期望促进网络合作的组织都没有发挥重要作用，一些大学目前正在充当关键的信息桥梁。出于这些原因，任何可能由 Jisc、UCISA 等部门机构或 NCSC 等政府机构领导的变革都需要通过这些信息经纪人。