Mark Molyneux, Field CTO – Northern Europe at Commvault
Universities manage vast volumes of sensitive data – from student records and payroll to pioneering research – while maintaining open networks that enable collaboration for remote learning and digital innovation. Building a resilient cybersecurity strategy therefore requires an integrated approach that protects identity, data and core systems without limiting student access or hampering Digital Transformation.
A growing threat to higher education( HE) is the rise of identity-based attacks, with the Cyber Security Breaches Survey 2025 revealing that of the HE institutions that faced a cyberattack last year, 97 % of those suffered phishing attacks and 68 % saw cybercriminals impersonating their staff or organisation. Rather than forcing entry, attackers compromise identity platforms such as Active Directory and move undetected using legitimate credentials. Protecting identity systems must therefore be a foundational priority, with continuous monitoring, anomaly detection and automated rollback of suspicious changes to prevent widespread disruption.
As cyberthreats grow more sophisticated, universities must safeguard students, staff and critical research without compromising openness or innovation. We asked Mark Molyneux, Field CTO – Northern Europe at Commvault; Naz Bozdemir, Lead Product Researcher, HackerOne, and Mat Pullen, Director for Education at Jamf, how universities can build a resilient cybersecurity strategy that protects students, staff and research while supporting open access and Digital Transformation.
Equally, resilience must extend beyond traditional backups. Attackers increasingly target backup repositories or deploy dormant ransomware that activates after restoration. Universities need clean recovery environments where data, identity services and critical applications can be restored and tested in isolation before being brought back online. Automation and AI-driven threat detection can significantly reduce recovery times, ensuring that services resume safely and swiftly.
Ultimately, regular testing, cross-team collaboration between security and IT operations and clear incident response planning are necessary to enable HE institutions to maintain trust while continuing to innovate. By aligning security, identity and recovery into a unified resilience strategy, universities can safeguard their communities and research assets while confidently advancing their digital ambitions.
Naz Bozdemir, Lead Product Researcher, HackerOne
A recent MI5 briefing warned that UK university leaders are increasingly attractive targets for foreign
WWW. INTELLIGENTCISO. COM 25