Protecting research from Cyber threats: best practices and frameworks

How to protect your research from cyber threats

Research is a vital component of national security, innovation, and economic competitiveness. However, it also faces increasing threats from adversaries who seek to steal, influence, or sabotage the research outcomes. Espionage against the academic sector is often more complex than traditional threats, partially due to the challenges of identifying what research is of national security interest. Emerging technologies, from AI algorithms through to innovations in materials science, are rarely covered by existing export controls or regulations, making them vulnerable to exploitation.

The head of Britain’s domestic intelligence agency warned the country’s leading research universities last week that foreign states are targeting their institutions and endangering national security.

CoreAzure, our cloud solutions experts at Methods, is a leading Microsoft Solution Partner for research originations. We know that research security needs a comprehensive and cooperative strategy that can handle complex and changing challenges. By understanding the threat, identifying what needs to be protected, and implementing the appropriate measures, we can ensure that research remains a source of strength and innovation for our society.

We understand that as a research organisation, how important it is for you to conduct your work with integrity and excellence, and also know how challenging it can be to protect your research from various threats, such as theft, sabotage, or interference. In today’s digitally connected world cyber threats are becoming more prevalent and sophisticated, targeting not only your data and devices but also your reputation and credibility.

The first challenge in research security is understanding the threat – discovering which areas of research adversaries are targeting and how they are going about trying to steal or influence these areas of research. However, the threat actors are not limited to state-sponsored agents, they also include non-state actors – hackers, criminals, terrorists, or activists – who may have different motives and methods.

Cyber threats can affect any type of research whether funded by public or private sector, conducted in academia or industry, or involving sensitive or non-sensitive information

To protect your research from cyber threats, our experts help organisations to adopt a proactive and comprehensive approach that covers all aspects of your research process, from planning and design, to data collection and analysis, to dissemination and sharing by incorporating best practices and frameworks that can help you enhance your research security:

• The NIST Cybersecurity Framework, provides a set of standards and guidelines for improving the security and resilience of critical infrastructure, including research institutions and organisations. The framework consists of five core functions: identify, protect, detect, respond, and recover. Each function includes specific outcomes and activities that can help you assess and improve your current security posture, as well as address any gaps or risks.

• Implementing the CIS Controls, (previously known as SANS Top 20), which are a set of 18 prioritised and actionable recommendations for securing your systems and data. The controls are based on the most common and effective practices observed across industries and sectors, and are updated regularly to reflect the evolving threat landscape. The controls cover topics such as inventory and control of hardware and software assets, secure configuration of devices and networks, continuous vulnerability assessment and remediation, email and web browser protection, data protection and recovery, and incident response and management.

In addition to these frameworks and best practices, we can also incorporate the Microsoft Cybersecurity Reference Architecture (MCRA) capabilities aligned to the National Cyber Security Centre (NCSC) guidelines to further mitigate the risks above. The MCRA is a comprehensive set of security solutions and services that can help you protect your data, devices, identities, and applications from cyber-attacks. The MCRA capabilities are mapped to the NCSC’s 10 Steps to Cyber Security, which are a set of essential actions that organisations should take to improve their cyber resilience e.g.

• Manage your suppliers and partners securely by using Microsoft Entra ID as an identity provider incorporating Entra B2B and Entra External ID Identities to enable secure and seamless collaboration and access management with your external stakeholders.

• Plan for incident response by using Azure Playbooks, Azure Policy, and Azure Lighthouse to create and execute incident response plans, enforce compliance and governance rules, and manage and monitor your cloud resources across multiple tenants.

CoreAzure understands that research security is a complex and dynamic issue that requires a holistic and collaborative approach. By understanding the threat, identifying what needs to be protected, and implementing the appropriate measures, we can create a secure and collaborative research environment that fosters innovation and impact.

To discuss how our experts at CoreAzure can help your organisation stay ahead of cyber threats, please do get in touch on enquiries@coreazure.com.