Higher education institutions across Europe are facing a rapidly evolving cyber threat landscape. Universities are increasingly targeted by ransomware attacks, data breaches, phishing campaigns and supply-chain vulnerabilities, often with significant operational, financial and reputational consequences. At the same time, universities must remain open environments that support academic freedom, international collaboration and innovation.
In this context, cyber resilience, the ability not only to prevent incidents, but also to prepare for, respond to and recover from them, has become a strategic priority. For the EUNIS community, strengthening cyber resilience is not something institutions have to achieve alone. It is fundamentally a collective challenge that can be addressed through collaboration, shared learning and mutual support.
Universities represent uniquely complex digital environments. They operate large, decentralised IT ecosystems that support teaching, research, administration and external collaboration. Open networks, diverse user groups and extensive international partnerships are essential to academic work, but they also increase exposure to cyber risks. The growing dependence on cloud services, digital research infrastructures and third-party vendors further expands the attack surface. At the same time, institutions face increasing regulatory and compliance demands, often with limited resources and growing skills shortages in cybersecurity. These challenges are not confined to individual institutions but are shared across the higher education sector, making collaboration not only beneficial, but necessary.
Traditionally, cybersecurity efforts have focused on prevention: firewalls, access controls, vulnerability management and technical safeguards designed to keep threats out. While these measures remain essential, they are no longer sufficient on their own. Cyber resilience takes a broader view. It recognises that incidents will occur and focuses on an institution’s ability to anticipate and prepare for threats, detect and respond effectively when incidents happen, as well as recover operations and learn from experience. This shift requires not only technical solutions, but also organisational readiness, clear governance, trained staff and a culture that encourages transparency and continuous improvement.
Collaboration is one of the most effective tools for strengthening cyber resilience in higher education. Shared knowledge and peer learning allow institutions to exchange experiences, lessons learned and good practices. Open discussions about incidents, conducted in a trusted, non-judgmental environment, help others recognise warning signs and improve their own preparedness. Mutual support and trust networks enable faster, more effective responses when incidents occur. Knowing who to contact, where to seek advice and how others have handled similar situations can make a critical difference during high-pressure moments. Coordinated approaches, such as aligning policies, standards and security frameworks, reduce fragmentation and improve interoperability across institutions. They also support more secure and resilient digital infrastructures at a sectoral level.
Within EUNIS, the Information Security Special Interest Group (InfoSec SIG) provides a vital platform for this collaboration through its hands-on workshops and coffee break discussions. It brings together cybersecurity professionals, CISOs, CIOs and institutional leaders from across Europe to exchange insights, discuss emerging threats and explore practical solutions tailored to the higher education context. Discussions covered a wide range of topics, including NIS2 compliance, security and privacy assessments, vulnerability testing and management, among others. More specifically, the InfoSec community supports peer-to-peer knowledge sharing, collective reflection on trends such as cloud security, identity management and AI-driven threats, and coordination with other EUNIS SIGs where security intersects with research, education and digital transformation. By fostering long-term relationships and shared understanding, the EUNIS InfoSec community strengthens not only individual institutions, but the resilience of the network as a whole.
The cyber threat landscape continues to evolve. Artificial intelligence is being used both to enhance attacks and to improve defensive capabilities. Supply-chain risks and dependencies on external vendors are becoming increasingly critical. At the same time, regulatory requirements and expectations for accountability are growing. Addressing these challenges will require continuous learning and adaptation, supported by strong networks and shared expertise.
In higher education, cyber resilience is a shared responsibility. No single institution has all the answers, but together, universities can build stronger, more resilient digital environments. Through EUNIS and its Information Security community, institutions have the opportunity to collaborate, learn from one another and develop coordinated responses to common challenges. By investing in trust, openness and mutual support, the EUNIS community can turn collaboration into a powerful defence against an increasingly complex cyber threat landscape.
For more information on the Information Security SIG, please feel free to reach out to the SIG Leaders thorsten.kuefer@eunis.org or asbjorn.thorsen@eunis.org.
