Next Generation Security for
the Next Generation
Over the past 12 months, the growth of investment into cyber security, in comparison to previous years, has grown substantially. Education institutions are having to justify increased investments to protect their environments from the ever-changing cyber-attack landscape and at the same time, deliver an exceptional user experience through faster and reliable networking and WiFi services. These investments are costly and often only address single areas, meaning that multiple solutions need to be purchased, continually maintained and managed in order to deliver the right strategy for cyber protection.
The aim of this Education sector microsite is to share our approach and experiences, in partnership with Palo Alto Networks, in providing future proof and cost-effective solutions for the protection and prevention against cyber-attacks.
See how your peers have addressed cyber security
Simplifying Cyber Security
Is this possible?
We all know the impact of a successful attack can be considerable with data leakage/loss, network outages, financial loss and reputational damage. The question is how do you invest in the right solution to get maximum protection and return on investment.
Working closely with our customers, both in Higher and Further Education, our offering in partnership with Palo Alto Networks, enables institutions to invest into a single solution that addresses their key priorities and threats – from the outside world, all the way to their users – “an outside-in and inside-out architecture for cyber security” as shown here.
The National Cyber Security Centre (NCSC) Guidelines and Best Practices
Many institutions are following best practice guidelines for their cyber security strategies including NCSC’s “10 Steps to Cyber Security” and the Centre for the Protection of National Infrastructure (CPNI) 20 Critical controls, as well obtaining Cyber Essentials certification. KHIPU’s cyber security offerings, using key solutions including Palo Alto Networks ‘Next Generation Platform’, Jisc’s Vulnerability Assessment Services and Simulated Phishing and Associated Awareness Services, provide a single manageable and scalable solution that addresses the following NCSC steps. Please contact the KHIPU team for more information on mapping each step with our cyber security solutions.
The Jisc Security Posture Survey 2017
Further to the findings from Jisc’s cyber security posture survey completed this summer by HE and FE institutions, the survey highlighted a number areas that are key priorities for cyber protection and prevention. Both vulnerability assessment and simulated phishing services were among the top priorities that are either underway or planned for 2017/18.
Together with Jisc, KHIPU have created a number of cost-effective packages to address these priorities for on-going protection and prevention against cyber-attacks by identifying:
- Vulnerabilities in the infrastructure: servers, networks, perimeter security and external systems
- Overall risk to phishing attacks
- Cyber security awareness training and education needs
By identifying these fundamental areas and applying best practise recommendations for on-going protection and prevention, will reduce the risk of being breached by a cyber-attack.
All packages are available from KHIPU, via Jisc’s education sector frameworks; Vulnerability Assessment Service (VAS) and Simulated Phishing and Associated Awareness Service (PAAS).
For further details and case studies, see below.
Higher Education Data Breaches 2016 to 2017 - Lessons Learnt
The biggest data breaches within the education between 2016 and 2017 were a result from hacking / malware attacks.
As a result of these attacks, the following lessons learnt were shared by University and College customers:
- System hardening, integrity assurance and software version / patch management are just the first steps in protecting against threats
- Inbound, outbound, and internal network traffic needs to be controlled and monitored
- Network segmentation is a best practice towards only exposing enough information as is required for specific organisation processes
- Anti-malware controls capable of detecting previously unknown threats are a modern necessity
- The compromise of a single asset can negatively affect the entire network
- Sensitive information use and retention policies must balance institution requirements (e.g., compliance, business process) with limited potential exposure
References  Palo Alto Networks Unit 42 “January 2016 – June 2017 Higher Education Data Breaches”
Patch and "Un-Patchable"
With Advanced Endpoint Protection "TRAPS"
Many institutions are using applications that are running on unsupported operating systems. This has been the source of many attacks due to vulnerabilities exploiting these out of date and un-patchable systems. Using Palo Alto Networks Advanced Endpoint Protection solution ‘TRAPS’, you can safely enable the use of these unsupported systems as well replace existing anti-virus solutions – for zero-day protection against attacks. With ‘TRAPS’, you can also remove the time, complexity and risk associated with scheduled patching processes, which often are not frequent enough to be up to date with the latest vulnerabilities. Education institutions are eligible for the special discount price model for the TRAPs solution. Watch the ‘Prevent Cyber Security Breaches on the Endpoint’ video to learn about typical attack sequences and how Traps can prevent known and unknown malware and exploits.
Accreditations & Services
A trusted partner in the education sector
KHIPU is an Authorised Service Centre (ASC) at Platinum status and a Certified Professional Services Partner (CPSP) with Palo Alto Networks. We have been designing, supporting and managing their entire NextGen product portfolio for over six years specializing within the education sector. This coupled with our extensive investments in training, support / managed services and equipment (test, demonstration and spare holdings), demonstrates our capabilities and commitment to being the best company to partner with for NextGen security.
Cyber Security Purchasing Made Simple
JISC & G Cloud Frameworks
KHIPU’s cyber security solutions can be purchased directly via the following frameworks
without the requirement for a tender or procurement exercise.
Vulnerability AssessmentFind Out More
Simulated Phishing & AssociatedFind Out More
Jisc Routing and Switching Framework -Find Out More
LOT 9 Palo Alto Networks
Jisc Cyber SecurityFind Out More
These services are also available via G-Cloud Crown Commercial.
Many of our education sector customers have procured
KHIPU solutions from these public sector frameworks.
Cyber Security Posture Assessment Service
Free of Charge
Would you like to see what applications are traversing your network including SaaS and malicious activity (malware) as well as understand your current cyber security posture? Download our Prevention Posture Assessment and SaaS Application sample reports showing the information we can provide with our free of charge services.
- Cyber Security Blueprint for Higher Education 2017
- Credential Phishing Prevention
- Best Practices to secure the Datacenter
- NextGen Security for the Education sector
- VMware University Challenge: Cyber Attacks in HE
- GDPR Compliance & Palo Alto Networks Security Platform
- Safely Enable Your SaaS Applications
- NextGen Firewalls integrated with RADIUS/NA (PAN & HPE Aruba Networks)