Many companies use university students to conduct research for them and the students sometimes use the projects as part of their degrees, suitably anonymised when requested. They can use publicly available data for the research, or they can use data provided by the companies concerned. In addition universities also offer higher level dedicated original research which is commissioned and for which they earn a large part of their income.
Most people would assume that normal safeguards are in place – the research findings should be protected by the university and also by the students/researchers themselves so that no unauthorised person can use them for their own purposes. However, how many companies actually ask those basic security and privacy questions when they commission the universities to do this work for them?
VMware and Dell EMC jointly commissioned a report covering 68 universities and how they combat cyber threats to their research work, with research conducted in November and December 2018. The report, entitled ‘University Challenge: Protecting research in higher education‘ paints a worrying picture of the state of security in our universities, as a quarter of them think their research programmes may have been hacked. In fact, more than half believe research has landed up abroad as a result. However, given the lack of knowledge about data security and the low levels of investment in protection, it is likely that many more universities are being attacked without their knowledge.
Universities earn an average of £22 million each for research, but half of their IT heads said there was too little investment in cybersecurity, as only about 7% of this was allocated to protecting the data.
As by far the majority of university research is commissioned by government and associated bodies, and a third of that is involved with national security, this is very worrying!
If you are thinking of commissioning a university to do some research for you, we can help you to ask the right questions before you pass over your project.
Diana
Diana is a founder and Managing Director of Octagon Technology.
Twenty odd years ago Diana was teaching IT at a college in Essex when local companies started to come in and ask her for help with their computers. This led to the creation of Octagon Technology alongside fellow lecturer Clive, with a vision of providing Technology Without Tears for our clients.
Nowadays, Diana concentrates on the less glamourous side of the business, dealing with the statutory reporting, the strategic planning, the budgeting, forecasting and cash flow analysis. She also looks after the payroll, together with the human resources policies and procedures.
If you would like to talk to Diana about any of the issues raised in this article, please let me know and I will ask her to contact you and answer your questions.
Kamila
General Manager
Octagon Technology Ltd
