UK university leads the way in cyber resilience, protecting their community of staff, students, and partners in the wake of the pandemic.

The University of Central Lancashire (UCLan), ranked in the top 7% of universities worldwide, is home to a student and staff community approaching 38,000. Partnering with 125 international institutions across the globe, UCLan welcomes circa 2,000 international students’ every year to study at their Preston Campus.

Their mission of “leading the way in modern learning” is as equally true in their approach to their security strategy. When the pandemic created an unprecedented change that forced remote and online teaching and learning, requiring creative, innovative solutions from universities, UCLan were already significantly underway in their IT transformation journey as they reshaped their education approach – with their students and staff firmly at the centre of their strategy.

Learning & Teaching at the Heart

Stemming back to 2018, UCLan launched their learning and teaching strategy, with the mission “to provide inspirational student learning experiences”. As part of this programme, after identifying that desktop computers were a major impediment of the delivery of their modern education, UCLan embraced digital learning with Microsoft as their partner, core to the technology strategy; Microsoft Surface together with Azure, Windows 10, and Microsoft 365.

Investing across their academic community and staff enabled UCLan to transition easily to remote teaching and learning when COVID-19 resulted in the closure of university campuses across the globe. This embedded cultural shift enabled their students to be able to continue their studies during a time of accelerated change and uncertainty that made UK education institutions an even more attractive and persistent target for cyber-attacks.

It was this strategic move and flexibility resulting from the partnership with Microsoft that was critical to helping the university remain connected to its community, enabling continuous, high-quality learning throughout the pandemic. By designing new ways to deliver teaching and learning and enhancing their students experience, not only from an academic perspective, but at work and for life – beyond their studies.

Lessons Learnt from the COVID-19 Pandemic

On Sunday 7th March 2021, UCLan were among three UK education institutions hit by a cyber- attack. This attack was designed to be as damaging and disruptive as possible by targeting the establishment during the exit of the UK’s third national lockdown, leaving many remote working students unable to submit vital coursework. It was the swift response from the University’s IT Team and methodical approach in prioritising systems which are essential to the learning and teaching needs of their community, that meant many of the issues were resolved by the Monday.

Quorum Cyber first engaged at the tail-end of UCLan’s experience, after which they had worked through the initial stages of the security incident with their insurer and Incident Response organisation.

Accelerated by the cyber-attack, UCLan had strengthened their investment with Microsoft Security through even greater A5 licensing and usage of Azure, which were already formed as part of their transformation journey. While this acceleration was positive, it presented new challenges in their understanding on how to drive value and make the most of their investment – while at the same time, avoiding any unnecessary disruption to its learning and teaching functions and maintaining its world-class education and student experience.

Working closely with UCLan, Quorum Cyber engaged our security engineering team to configure, deploy and tighten up their security controls, maximising the outcomes from the capabilities UCLan had invested in. Parallel to this, Quorum Cyber gave UCLan the comfort and protection of our Security Operations Centre (Tactical SOC) for two months, as a tactical fix, whilst a long-term solution could be established.

Quorum Cyber’s Microsoft Sentinel Tactical Security Response and Monitoring Service was deployed to monitor for the threat actor involved in the initial incident; protecting them from being targeted by the same attack vector and introducing detections against commonly seen attacks. In return this provided UCLan with the peace of mind of continuous, round-the-clock monitoring of security alerts and indicators of compromise, all while protecting UCLan’s recovery efforts. Knowing their threat exposure, at a time of particular risk, was being managed, meant UCLan were able to avoid further disruption. This was essential due to the University’s commitment in the duty of care to their community and ensuring student wellbeing in what had already been a difficult year.

To minimise the business risk of significant financial and reputational damage from a cyber-attack, UCLan moved from this short-term tactical fix into a full 12-month SOC agreement, after the two month period. It was this initial tactical strategy and proven engineering value in helping UCLan improve their security posture and minimise exposure for attackers to exploit which demonstrated how Quorum Cyber could proactively protect UCLan as they continued to deliver academic excellence, ensuring talented graduates achieve outstanding results that are in high demand across the world.

From supporting their students with access to learning resources during exam periods to end-of-year results, student offer letters, clearing and, enrollment processes, UCLan was not only able to protect their learning and teaching functions but vital business operations which they couldn’t run as a university otherwise. Equally, the rationalisation of tools and management reduced the need for multiple third-party tools and the management overhead and UCLan is expected to deliver savings over the coming years.

Security at the Heart of Everything we do

UCLan’s mission to nurture and grow talent in people from all walks of life is a statement that resonates in the values of both Microsoft and Quorum Cyber and it is this shared vision that strengthens and cements the security partnership.

“The engagement with Quorum Cyber gave us the confidence to step forward with recovery whilst their expertise supported the discovery piece and assurance, we were able to detect future ongoing threats.”

– Gareth Edwards, IT Engineering Manager, University of Central Lancashire

“In a time of unprecedented change and persistent cyber-attacks, Quorum Cyber understands the unique and evolving security challenges we are up against. Ensuring we have the appropriate measures and controls in place to mitigate our cyber security risk, has enabled our community of staff, students and partners to work, teach, learn and research with a greater sense of confidence, safety and security.”

– James Crooks, Director of Learning and Information Services, University of Central Lancashire

Microsoft Solutions

• Microsoft Sentinel
• All A5 Security
• Microsoft Defender for Endpoint
• Microsoft Defender for Identity
• Microsoft Defender for Office 365
• Microsoft Defender for Cloud Apps
• Microsoft Defender for Cloud

 

*(Centre for World University Rankings 2021-22).