Major cyber-attacks faced by the UK’s universities and colleges decreased in 2025, but the remainder require more sophisticated defence. That’s according to the annual cyber threat intelligence report by Jisc, which offers digital services to UK higher education; including computer security incident response (CSIRT).
The report speaks of growing professionalism and state sponsorship of cyber crime, and criminalsโ adoption of artificial intelligence. David Batho, director of security at Jisc, said: โCyber threats will continue to evolve in 2026, but understanding how and why they are changing is the first step to managing risk. By focusing on people, identity and resilience, our sector can strengthen its collective defences and stay ahead of an increasingly complex threat landscape.โ
For more from David Batho, see his blog entry.
further report on our cyber posture survey, released to cyber security contacts at education and research institutions today. The survey of cyber security professionals revealed that ransomware and phishing remain the top threats across both HE and FE, with AIโenabled threats now emerging more clearly.
The survey shows that 92 per cent of HE providers have dedicated cyber security staffing, given their position as significant targets of cyber-attacks. Facing constrained resources, only 37pc of FE colleges reported employing dedicated cyber security staff. Cyber responsibilities in further education are often taken on by general IT managers.
Paul Knee, head of security operations at Jisc, said: โThe intellectual property generated by HE and research is an essential part of the UK economy and the IT used in its generation and dissemination is critical national infrastructure. Education and research establishments are the focus of deliberate cyber-attacks and the cyber posture survey reveals that organisations take their cyber security responsibilities extremely seriously. Jisc is here to empower organisations to fulfil those responsibilities. Weโre pleased to see more and more professionals joining the Jisc cyber security community group and urge all HE, FE and research members to take up the cyber security services we provide as part of Jisc membership.โ
The full threat intelligence report is available to members of JISC’s cyber security community group. Results of the cyber posture survey are shared with Jisc members.
