Participants scored identity fraud and disruption of IT facilities as the biggest threats. Specifically added for research purposes is the acquisition and disclosure of data. Proven cybercrime methods such as hostage-taking software (ransomware), phishing and DDoS attacks also continue to increase. New threats have also been added, for example: cyber criminals abuse supplier chains by infiltrating them. Educational and research institutions score their own cyber resilience higher than in the previous year. The average score is 6.3; it was 5.5 in 2018.
Cooperation as a sector's most important weapon
Collaboration is often seen as a way to be stronger, work more efficiently and face increasing threats. By working together, the sector is better prepared and can act faster. In order to keep up with the current development of cybercrime, it is necessary to further strengthen cooperation on a number of points, for example in cyber security exercises, such as OZON. Cooperation also helps to overcome the identified shortages of capacity and expertise.
The report concludes that, due to increasing threats, the deployment of institutions remains necessary to increase resilience. There is a lot to be gained, especially in the area of awareness. The increasing use of cloud applications, supplied by large, non-European players, is creating new threats to the availability and confidentiality of data.
About the Cyber Threat Report
The Cyber Threat Report 2019/2020 is the sixth threat assessment on education and research. This report is based on a survey among employees of educational and research institutions and on public sources. In the survey, we asked, among other things, which risk factors are the most important according to the SURF target group, which incidents have occurred, and what the resilience of the institutions is.
SURF publishes this report annually: