Case Study: Protecting Research Data in Higher Education

The university is a Tier 1 research institution with around 12,000 students and 3,000 faculty and staff, spread across two main campuses and several satellite campuses. Its cybersecurity operations are managed by a small, dedicated team. This team handles a wide range of responsibilities, including security architecture, vulnerability management, incident response, cybersecurity awareness training, third-party risk management, and technology reviews, collaborating closely with other IT teams to protect the university's diverse and sensitive data.

Academic endeavours are open and collaborative to advance knowledge, encourage interdisciplinary research, and ensure rigorous peer review. By design, this expands the university's cyber attack surface while creating opportunities for malicious actors to gain access to valuable information. Although the university had a technology vendor review program whose aim was to prevent third-party breaches from exposing research data, its effectiveness was limited due to time-consuming processes and a lack of validated security insights.

Learn all about how this tier 1 research institution reduced the risk of supply chain breaches from its expansive attack surface.