Jisc Updates Cybersecurity Policy for Janet Network

Image source: istock.com/Temniy

Jisc announced policy changes aimed at strengthening cybersecurity in the way colleges, universities and research organizations use the Janet network.

The membership organization which provides technology services to the sector said the change follows last summer’s consultation and comes into effect on April 1, with three key updates.

First, organizations using the Janet Network will be required to undertake an annual self-assessment of their security posture.

Second, there will be an extension of existing geo-location IP blocking restrictions, going beyond remote desktop protocols to block high-risk protocols and ports. Restrictions will also change from an opt-in control to a default control.

Third, the mandate of Jisc’s Computer Security Incident Response Team will be expanded to perform network vulnerability scans, giving it a more proactive role rather than just responding to exceptional circumstances.

Growing threats

Janet’s head of policy and strategy at Jisc, Dr John Chapman, said: “We have made the policy changes against a backdrop of growing threats and on the basis that raising security standards across organizations individuals will contribute to the resilience of the whole sector.

“For example, ransomware, which according to our 2021 Cybersecurity Response Posture Survey is currently the number one threat to higher education institutions, can spread among connected organizations.

“It is therefore important that individual research and education organizations understand their cybersecurity strengths and weaknesses. An annual self-assessment will help achieve this.

“At this time, institutions can use whatever assessment methods suit them best, but we will work with members through our community safety group to see if there is consensus on which method works best or if we should work together to develop an industry-specific model.

“Colleges and universities don’t have to give us their assessment results, although we encourage them to share them. The data, which will be confidential, will help Jisc identify key issues and plan how to help the industry find solutions.

the Janet Network provides connectivity for sharing information between 18 million users in education and research.

Source link