After great success during October 2020, GÉANT are launching a similar initiative for cyber security awareness month 2021. They have collaborated with other organisations within the National Research and Education Network (NREN) to organise a fantastic calendar of activities throughout October following the theme: Cyber Hero @ home. GÉANT will be focusing on the following topics, providing useful information through blogs, videos, presentations and more: Week 1 (4-10 October): Be aware […]
Most* UK colleges and universities are already using one or more of the NCSC’s free cyber security tools, but for those of you that aren’t yet actively using their Active Cyber Defence services, you might want to look at the following: • Web Check checks your websites for common web vulnerabilities and misconfigurations in an […]
Jisc has been advocating Zero Trust as an approach for a while, with references in Cyber Impact and the current Janet Security Policy consultation to the previously published Beta architecture, but today (23rd July 2021), NCSC has released version 1.0 of their Zero Trust Design Architecture principles: https://www.ncsc.gov.uk/blog-post/zero-trust-1-0. NCSC define 8 principles that they state will […]
By Clare Stonebridge, Network Security Services Manager, Jisc, 12 July 2021 There’s never a ‘good’ time to suffer a cyber attack, but there are certainly a few dates in the year when the financial and reputational effects of a website or email failure will be more damaging than others. One of those key periods is approaching […]
The Jisc Cloud team in conjunction with the Jisc Trust and Identity team has published a post highlighting a potential security risk associated with the default Azure Active Directory (AAD) security settings that are commonly in place across our membership. If your organisation uses AAD (or plans to use it), then please read this information […]
Your institution may already have a subscription to British Standards Online (BSOL) which provides you with access to standards such as ISO 27001. If your institution does not have access, an agreement for access to BSOL is available through our License Subscriptions Manager.
The Jisc Cloud team has penned another security-related post that readers may be interested in: https://cloud.jiscinvolve.org/wp/2021/06/23/securing-azure-virtual-desktop/ In this post, Neil Sayer, Jisc’s Azure Solutions Architect, explains some of the ways that you can secure Azure Virtual Desktop deployments (or Windows Virtual Desktop as it used to be called). The post recommends the following points: * […]
For those of you who aren’t also following Jisc’s Cloud Blog, you may not have seen a post from Richard Jackson (Jisc’s Lead Cloud Security Specialist) on Remote access and Zero Trust. The post at https://cloud.jiscinvolve.org/wp/2021/06/16/973/ delves into how organisations should handle remote access securely and contains useful advice that can help mitigate against some […]
Andy Davis has been virtually touring the country recently providing advice and guidance to Heads of IT groups on DNS resilience, so I’ve asked him to share his top ten tips: (1) Keep your nameservers patched and running on supportable DNS platforms (OS and DNS application). (2) Review your Business Continuity Plans (BCP) – Do […]
Categories
GEANT webinar on DDoS attacks
Between the 8th and 17th of February 2021 GEANT are running a series of webinars on DDoS attacks, including Introduction to DDoS attacks Details of specific attacks Detecting attacks Mitigating attacks Participation is free of charge to all NRENs and their constituents. The courses are aimed at network and system administrators, as well as security […]