The requirement for robust and comprehensive cyber security exists across all sectors. Whilst we normally associate the threat to be most acute in finance, government and Critical National Infrastructure, it is increasingly clear that a similar threat exists in what hitherto may have been regarded as ‘softer targets’.

Earlier today, the BBC published an article that revealed both the scale of the threat to Universities and their vulnerability to cyber-attacks. Universities may initially appear to be a low yield target – after all what value is there in an undergraduate essay or the minutes of the Dungeons and Dragons club AGM?

But it isn’t about those things. The targeted and organised threat is geared towards uncovering the vast library of intellectual property that is developed and held by academic institutions. A huge proportion of our nationally important, cutting edge knowledge is contained in red brick repositories. It is easy to see how cyber criminals motivated by financial gain or state actors motivated by industrial espionage would see these as rich pickings.

They are easy pickings too; universities quite rightly foster a spirit of openness and sharing, including in the digital domain. This creates a massive attack surface, which is difficult to mitigate with generally meagre IT security budgets. That is why an intelligent, risk-based approach to cyber security is essential for academic institutions. Only by implementing a forward leaning and targeted approach to cyber defence can the academic sector defend their intellectual property from exfiltration and exploitation.