We use cookies to give you the best experience and to help improve our website
Find out more about how we use cookies
No thanks That's fine
Skip to main content
Cyber security
Cyber security
To help you get the most from your Jisc membership, we work to protect the Janet Network and connected organisations
Take part in our 2021 cyber security survey >
As technology becomes more complex and threats more sophisticated, it’s a challenge to keep your online environment and physical infrastructure secure.
Acting as a trusted partner and critical friend, we can help support you through these challenges with our range of services and in-house expertise.
Ten steps to cyber security
The National Cyber Security Centre’s (NCSC) ten steps to cyber security breaks down the task of defending your networks, systems and information into its essential components. Working in partnership with the NCSC, we’ve matched our key member services to those ten steps.
Risk management regime
Defining and communicating your board’s information risk management regime is central to your organisation’s overall cyber security strategy.
BS31111 cyber risk and resilience audit and assessment
A top-down approach to managing cyber risk, helping leaders to understand risks, mitigate them and stay resilient.
Penetration testing
Evaluate and improve the security of member systems or networks – by simulating real-world attacks.
User education and awareness
Users have a critical role to play in your organisation’s security. Awareness programmes and training help establish a security-conscious culture within your organisation.
Phishing framework 
Helps users safely experience what an attack might look like, along with related security training so they understand wider risks and know what to do if they suspect an issue.
Network security

Protect your network from attack, defend the perimeter and filter out unauthorised access and malicious content.
Critical services protection
Protect your business-critical services with fast, focused, and out-of-hours coverage – giving you extra peace of mind.
Foundation DDoS
Mitigate disruption to your Janet connection and avoid inconvenience, financial loss or reputational damage.
Secure configuration
Apply security patches and ensure the secure configuration of all systems is maintained.
Vulnerability assessment service and tools supply framework
Helping you choose a strategy to detect and assess vulnerabilities within your IT estate, so you can manage your security risks, compliance and quality.
Cyber Essentials
A trusted way to gain and renew Cyber Essentials certification, helping to make sure vital security precautions are in place.
Malware prevention
Produce relevant policies and establish anti-malware defences across your organisation. 
Janet Network resolver
Uses independent analysis and research on malware and phishing attacks to adapt to emerging and evolving threats.
Vulnerability assessment service and tools supply framework
Helping you choose a strategy to detect and assess vulnerabilities within members' IT estates.
Incident management
Establish an incident response and disaster recovery capability. Test your incident management plans within your organisation and report criminal incidents to law enforcement agencies.
CSIRT 
Safeguards your current and future computer security. By monitoring and resolving security incidents that occur on the Janet Network, we can share intelligence and advice to help keep your own networks safe.
Janet Network resolver
Advanced protection, with the performance and capacity to meet the needs of all Janet Network connected organisations.
Monitoring

Establish and implement a monitoring strategy and produce supporting policies. Analyse logs for unusual activity that could indicate an attack.
Splunk 
Allows you to optimise your organisational performance, identify threats, and provide real-time insights into your infrastructure and services by automating the collection, indexing and alerting of your machine data.
Managed SIEM
Members have told us they want a SIEM to help with proactively managing cyber security threats. Managed SIEM meets this need and removes the difficulties education and research organisations often face when they want to implement, manage and maintain a SIEM solution.
Managing user privileges
Establish effective management processes and limit the number of privileged accounts. Monitor activity and audit logs.
Web filtering and monitoring solutions 
Enables you to apply age-appropriate or role-required web use policies with the most appropriate technology and toolset for your organisation.
Splunk
Secure your users, check for inactive accounts and control access to your data and services with our Splunk Enterprise core licence packages.
Home and mobile working
Develop a mobile working policy and train staff to adhere to it. Apply secure baseline builds to all devices. Protect data in transit and at rest.
Information security policies training course 
Allows you to examine the origin of risks in behaviours, processes, physical, technical and environmental factors; and consider how policies can be used to mitigate and manage the risks.
Cyber Essentials
A government-backed scheme that helps you identify the key risks associated with remote working and gives peace of mind that you’ve put essential security protections in place.
Removable media controls
Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. Establish policies and practices which prevent this from happening within your organisation.
Cyber security assessment 
Helps you evaluate, analyse and improve your cyber security – to meet audit and compliance needs.
Cyber Essentials
Helps identify appropriate policies for granting access and patching third party-provided devices allowed to connect to your network, such as a member of staff’s personal mobile phone.
Monitor your network activity
View DDoS mitigation data and traffic on your Janet Network connection through our cyber security portal.
Visit the cyber security portal
An easy route to procurement
We are an approved supplier on the Crown Commercial Service dynamic purchasing system (DPS). This provides a simple and trusted way for public sector buyers and our members to procure Jisc cyber security services.
Find out more on the Crown Commercial Service website
Jisc security conference, 9-11 November 2021
Join us online for an in-depth programme of talks and training courses designed to upskill all staff members - from network and security specialists, to teaching and learning practitioners.
Find out more and book your place
Useful links
help@jisc.ac.uk
0300 300 2212
Cyber security blog
Watch our documentary
Explore cyber security
SERVICES
Allow and deny lists
BS 31111 audit and assessment
Critical services protection
Cyber Essentials
Cyber security assessment
Cyber security financial X-ray
Foundation DDoS mitigation
Email advice and testing
Janet Network CSIRT
Janet Network resolver
Network time service (NTP)
Managed SIEM
Penetration testing
Primary nameserver service
Security operations centre
Simulated phishing and associated training framework
Splunk
Vulnerability assessment service and tools supply framework
Web filtering and monitoring framework
TRAINING
Computers, privacy and the law
Cyber Essentials drop-in clinic
Hands-on incident response
Information security policies
Penetration testing - think like a hacker
Workshop to Raise Awareness of Prevent (WRAP)
GUIDES
Maintaining access to internal services during a continuity event
Data protection
Preparing for GDPR
News and updates
NEWS
New global partnership helps education sector defend against cyber attacks
Jisc security team earns accolades at international competitions
Why it’s important to cultivate the idea that security is everyone’s business
BLOG
Research data infrastructure needs to keep pace with technology, look to the future, and focus on trust
‘In shaping the UK’s post-Brexit research and development landscape, the devil is in the detail’
Ransomware: are your systems well protected?
INFORM
Are you looking after payment card data securely?
Top ten steps to affordable end-user security training
How to talk about web filtering in universities
Cyber security
Give feedback
Areas
Connectivity
Cyber security
Cloud
Data and analytics
Libraries, learning resources and research
Student experience
Trust and identity
Advice and guidance
Explore
Guides
Training
Consultancy
Events
R&D
Useful
About
Membership
Get involved
News
Jobs
Get in touch
Contact us
Sign up to our newsletter
Twitter
Facebook
LinkedIn
YouTube
Cookies
Privacy
Modern slavery
Accessibility