This was the third meeting of the UCISA London Group following two earlier events, 7th April and 14th June. The meeting was well attended by representatives from member institutions, HE & FE, members of the LMN Board and Jisc representatives with representatives from a Jisc corporate partner, Khipu Networks, who were sponsors for the day. The event was hosted by Regent’s University London and opened with lunch followed by 3 presentations and an open discussion facilitated by Group’s liaison officer. Below is a summary report of the day…
1. Connectivity over London – how London CIOs are working together to provide comprehensive connectivity by Claire Priestley, Director of Information Technology, City, University of London, Stuart Brown, Director of ICT, University of London and Omid Shiraji, Interim CIO, Camden Council
The idea for this initiative came about from a similar collaboration work between York University and York Council. The Govroam initiative is aimed at providing a secure and seamless public wireless network within the M25 and in London in particular. The project will be delivered in two phases, Phase 1 will be for public sector bodies and Phase 2 will be for Further Education (FE) bodies, NGOs, TfL, and the Fire Brigade. The plan is for all organisations that have signed up to broadcast Govroam and eduroam. The go live date for Govroam is end of August. Several of the HE institutions at the event had already signed up to join Govroam. Delegates were encouraged to bring their counterparts onboard.
Action: Claire Priestly to send some more information to the UCISA London mailing list and recruit an FE institution to participate in the initiative, RACC was identified as a potential FE participant as they already have eduroam in the college.
2. Facilitated discussion session on cybersecurity/security and managing increased IT expectations by Bernard Aghedo, UCISA
The discussions centred on the third and fourth key themes that came out of the responses that respondents gave as answers to a survey conducted by UCISA that asked what challenges respondents were facing in fulfilling their role responsibilities. The four key themes were shrinking budgets, service delivery, security/cyber security and managing increased IT expectations. At the 14th June, the first two themes were discussed. The discussions were very lively, interesting and engaging as delegates contributed their experiences on how they tackle and continue to tackle cyber-attacks using several layers of both hard and soft defence systems while managing increased expectations to deliver safe, secure and seamless IT networks in the face of shrinking IT budgets. The discussions resonated well with the audience.
3. Jisc Vulnerability Assessment Management Service – Why is this important? By Steve Kennett, Security Director, Jisc (sponsored by Khipu)
Steve gave a very welcome presentation on the Jisc vulnerability assessment management service that is delivered by Jisc’s corporate partner and sponsor for the session, KHIPU Networks. Steve gave a very good overview on the vision and mission of the cyber security division at Jisc, the new approach – the focus on people, technology and process; and the national cyber security strategy 2016-2021, to defend (against attacks), deter (adversaries) and develop (skills and capabilities). From defining what a cyber security incident is, through identifying who is attacking the network, malware and vulnerabilities growth over the last few years to 5 top tips to avoid and defend against cyber-attacks and how networks can be infected. Steve’s presentation was also accompanied by Khipu’s brochure on JISC Cyber Security Services.
4. GDPR by Shah Ali, Executive Director, St Francis Xavier College
Based on his background as the Data Protection Officer for Saint Francis Xavier College, Shah is leading on the work in the college to comply with the EU GDPR. From his presentation, the college have made a good start in meeting the requirements of the EU GDPR. Shah gave a high-level approach to understanding the impact on the organisation and told the audience that every department or team within the institution was involved in or impacted by GDPR. He advised that in complying with GDPR, institutions should take a risk-based approach. Punctuated with a couple of polls, Shah took the audience through a journey of preparing for GDPR looking at data governance, financial risk in terms of fines, individual rights, through processing consent for information, reporting data breach, accountability and enforcement. However, Shah did make the point that the ICO have not released any low-level guidelines or publications on how organisations could implement the EU GDPR.
The meeting was another great opportunity for the newly formed group to further solidify and become more established as a regional group with shared interests. The format for the day worked well for all and the topics of presentation and the facilitated discussions were well received as well. UCISA is grateful to all the delegates, presenters and the sponsor for the day, Khipu Network, for helping to make it happen!