"It’s important to show that criminals are at play and the types of techniques they use to steal data”
Michael Jenkins MBE, CISO of Brunel University talks to Sooraj Shah about how cyber security metrics are shared across the whole university so that systems and individuals can be protected.
Michael Jenkins will be speaking at the teissR3 | Resilience, Response and Recovery summit taking place online, 15 - 24 September.
This year, the very popular teissR3 event focuses on how to improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Space is limited. Register your free place by clicking here.
In terms of how those relationships are being maintained and developed remotely with your staff and students, how have you managed to keep that going?
I think a lot of this will stay in place before we went into lockdown and worked at home. I had a regular intelligence bulletin and regular messaging that went into our business units, and that had been results of a couple of years work, where we wanted to always show with an openness and transparency, some of the statistics and the metrics that we were seeing in the cyber scene, and we want to share that with the community so that they could see the criminal landscape and how it may affect them in their business, the university in their mission, and of course their friends and their family and people at home. It's important to show that criminals are at play and the types of tactics, techniques, and procedures that they are utilising to harvest data and then explain to them what they do with that, which is then sell it on the dark web or use ransomware to hold businesses to extortion.
And I think the more that we kept that rhythm of regular communication, much of which I had cascading three directors of business units and datasense managers, but also other communication methods. It just provided a gentle and continual influence and awareness that actually we've got to take as much care as we can and that the defence of our data as a collective, community response, rather than just individuals across the university.