The head of the ICT Infrastructure Division at the University of Coimbra, Pedro Vale Pinheiro, explains how the RCTS CERT services of the FCCN Unit impact on the activity of this higher education institution.
#1 Looking at the various features of the RCTS CERT which are the services of most interest to the University of Coimbra?
Of the services that the RCTS CERT has, the ones that the University of Coimbra (UC) is most interested in are the support in the creation of the CSIRT [technical group for response to cybersecurity incidents], help and support in the definition of security policies and the use of tools for assessment and detection of occurrences.
The support that the RCTS CERT has given to the UC, mainly with the use of tools for detection and assessment of occurrences, has been of crucial importance to bridge the weaknesses of the institution regarding the scarce resources existing for the area in question.
#2 How would you describe the relationship and contact maintained with the RCTS CERT?
The working relationship between RCTS CERT and the UC has been characterized by excellent two-way communication. The service has open channels (direct and indirect) and responds promptly to critical and less critical situations. The team at FCCN is always available and cooperative at all levels.
#3 What are some of the specific challenges, in the area of cybersecurity, regarding the action of higher education institutions? Does RCTS CERT provide any support regarding these?
The challenges presented to the University of Coimbra in the area of cybersecurity are diverse and complex, notwithstanding the importance given by the institution to this topic. However, the most important and relevant weaknesses found in the area of policy definition can be summarised as the most important and relevant: lack of specialised human resources and technological resources suited to the current demands, marked by extremely volatile dynamics whose risk and impact is high.
On the other hand, the new challenges that we have been forced to face on an ongoing basis, such as access from uncontrolled networks (from home) on a continuous remote working basis or the increasingly intense and demanding use in terms of performance of information technologies. Finally, there are access security issues in on-permise and Cloud services.
#4 The Covid-19 pandemic led to a reconfiguration of school activities, as you mention. From an IT security perspective, what are some of the consequences that have resulted from this?
The need for technological and methodological adaptation to the new demands of remote teaching activities has brought challenges that, until then, were considered on a theoretical basis or thought of a distant future. The capacity of adaptation and adequacy of infrastructures, technologies and methodologies have given unequivocal proof of the ability of higher education institutions to react to adverse situations.
From the IT security point of view, the issues of quality of remote access to services, reinforcement and adaptation of border protections to services, adequacy of systems for intensive remote access, greater care in performing backups and prevention of disaster situations derived from the use of systems external to the institution that could bring attacks hitherto not so considered were assessed and adapted.
5 In what direction do you foresee the relationship with RCTS CERT evolving in the near future?
I think that the RCTS CERT will play an important role in creating synergies, technological solutions and support in the creation and adaptation of policies that are transversal to the various higher education institutions in order to bridge the resource gap. By allowing the creation of alert and operation coordination mechanisms at a national level, enabling an integrated and privileged vision, it will provide higher education institutions with a fundamental tool for an adequate response to crisis situations that may occur in the future.
#6 Is there anything you would like to add?
As a suggestion, we propose the continuation of training sessions for technical and specialized staff, in order to raise awareness and provide better cognitive and intervention skills in these areas.