JISC Cybersecurity Guidance for Higher Education: Threat Reports, Janet Network and What Universities Must Do
JISC — the Joint Information Systems Committee — is the primary cybersecurity support body for UK universities and further education colleges. Through the Janet network, JISC provides dedicated connectivity and security services to the education and research sector, and publishes an annual cyber threat report that is among the most authoritative assessments of the threats facing UK higher and further education. Newcastle University's 2020 DoppelPaymer ransomware attack — which resulted in sensitive staff and student data being published on the dark web — was among the incidents shaping JISC's threat intelligence work in recent years.
JISC's annual cyber threat report is the definitive assessment of cybersecurity threats facing UK universities and FE colleges — drawing on Janet network data and sector-wide incident reports.
What JISC Provides to UK Universities and Colleges
JISC delivers a range of cybersecurity services specifically designed for the education and research sector:
- Janet network: dedicated high-speed connectivity for universities and colleges with built-in security monitoring
- DDoS mitigation: protection against distributed denial-of-service attacks targeting university systems
- Vulnerability scanning: regular scans of member institutions' internet-facing systems
- Cyber threat intelligence: sector-specific threat reports drawing on NCSC and law enforcement data
- Incident response support: guidance and coordination for institutions that suffer significant attacks
- Security guidance and toolkits: practical resources for IT teams at universities and colleges
JISC Annual Cyber Threat Report: Key Findings
JISC publishes an annual cybersecurity threat report for the higher and further education sector. Consistent findings across recent reports include: ransomware as the primary operational threat; phishing as the dominant attack vector for initial access; inadequate MFA deployment leaving institutions exposed to credential-based attacks; and supply chain risk from EdTech vendors. The 2020 report documented a significant increase in attacks on the sector during the pandemic, as institutions rapidly shifted to remote learning — expanding attack surfaces and creating new opportunities for attackers targeting VPN credentials and remote desktop systems.
Janet Network Security Services
The Janet network — JISC's dedicated network for UK education and research — provides built-in security services that go beyond standard commercial internet connectivity. Janet includes DDoS mitigation, traffic monitoring, and integration with JISC's Security Operations Centre. Universities and colleges connected to Janet benefit from a degree of network-level protection that is not available on standard commercial connections. However, Janet connectivity does not eliminate the need for institution-level security controls — endpoint protection, MFA, and identity management remain the responsibility of each institution.
NIS Regulations and Further Education
Larger universities may be classified as Operators of Essential Services (OES) under the Network and Information Systems (NIS) Regulations 2018 if they operate systems that underpin essential services. In practice, most universities have not been formally designated as OES — but the NIS framework's principles (proportionate security measures, incident reporting, supply chain oversight) represent good practice for all higher education institutions regardless of regulatory classification.
Frequently Asked Questions
Is JISC membership mandatory for UK universities?
JISC is not a mandatory regulatory body — universities and colleges choose to engage with JISC services. However, virtually all UK universities and most FE colleges are JISC members, as the Janet network and associated services provide significant security and connectivity benefits. JISC membership is strongly recommended for any HE or FE institution seeking to benefit from sector-specific threat intelligence and subsidised security services.
What should a university do if it suffers a ransomware attack?
Activate your incident response plan immediately. Isolate affected systems to contain the spread. Contact JISC's incident response team and the NCSC's Cyber Incident Response service. Assess whether personal data has been accessed or exfiltrated — if so, notify the ICO within 72 hours. Do not pay the ransom without specialist advice. Newcastle University's 2020 experience shows that even well-resourced institutions can face weeks of disruption — early containment and external specialist support are critical.
How does JISC threat intelligence differ from NCSC guidance?
JISC threat intelligence is sector-specific — focused on threats targeting UK universities and FE colleges, drawing on Janet network data and incident reports from member institutions. NCSC guidance is broader, covering all UK organisations, with some sector-specific supplements. Universities should use both: JISC for sector-specific threat intelligence and practical support, NCSC for technical guidance and the Cyber Essentials framework.
Talk to us about cybersecurity for your university or college
Kyanite Blue specialises in cybersecurity for iGaming operators. MGA-licensed operators across Malta trust our stack.
Get in touchReady to secure your iGaming operation?
MGA-licensed operators across Malta trust Kyanite Blue.