17 October 2022 - DIG22 reflections from Plus 1 bursary winners

Chris Cooper
Systems Specialist
Cranfield University

 

DIG22 was my first UCISA event and I was lucky enough to be awarded a place via the Plus One Bursary Scheme.

As this was my first time at a UCISA event, I went with an open mind and was looking forward to learning new things that we could implement at our own institution.

The focus of the event was around Sustainability and Survivability and kicked off with a role play-based Lego game. We were divided into teams to compete against each other, with the aim being to generate the most income whilst protecting our organisation from the inevitable security breaches. This was a great way to start the event to get us talking and thinking about our own real world security posture.

This was followed with several great presentations and group discussions. There was some eye-opening statistics such as data centres are predicted to be using 14% of all global energy use by 2040 and a single post by all of Christiano Ronaldo’s Instagram followers use the equivalent power required to run a UK household for 5 years!! We also learned about sustainable approaches to minimize e-waste and extending service lifetimes of equipment.

It was also interesting to learn about actual ransomware incidents and how the University responded, which gave us some good ideas to take away to our own institutions.

That evening was rounded off with the conference dinner which was a great way to meet new people and share experiences.

Day 2 was another packed day which was again filled with some great learning opportunities, from first hand cyber attacks through to sustainability goals with cloud and the path to Cyber Essentials accreditation.

Overall, this conference was a great couple of days, giving us loads of ideas to take away. It was also good to speak directly with other institutions and share stories, good and bad! We also got to catch up with some familiar vendors and create new relationships along the way. It may have been my first UCISA event, but it certainly won’t be my last.

 

John Fairhall
Applications Development Manager
University of Bradford

The last UCISA event that I attended was many years ago so I was unsure what to expect from DIG22. Security is a very high priority for IT Services at Bradford. As DIG22’s agenda had a strong focus on security we decided that it was worth a few of us from the leadership team attending. Being from a software development background and knowing DIG is quite Infrastructure focused its fair to say that I was concerned how much of the sessions would go over my head.

I’m so pleased that I attended. Whilst admittedly some of storage sessions were a little outside my area of knowledge the conference as a whole was like gold dust. There were two main areas that were particularly invaluable and both were equal parts useful and scary!

The sessions by other Universities openly discussing their experiences with cyber attacks were amazing to understand what we could expect if / when the worst happens, and they gave us a number of actions which we’ve started to act upon. Last week 6 of us from the management team went on a 2-day BCI Incident Management and Response course, which was an excellent supplement to what we learnt from DIG22 for enhancements to our current processes.

The Cyber Essentials sessions and informal discussions with delegates from other HEIs also allowed us to identify the work that would be involved and some of difficulties for an organisation such as University. I’m particularly interested to follow UCISAs discussions with NCSC around the certification process.

 

Loni Syla
Information Security Officer – Cyber Security
University of Surrey

Firstly a huge thank you to UCISA for allowing me to attend the event as part of the plus one scheme. It was first event of its type since I joined University of Surrey, and the event was very well planned and organised and also all of the team were very welcoming.

The event was split into two topics, Sustainability and Survivability

The first topic Sustainability, particularly highlighted the current global warming issues and how IT has a major impact. From datacentres to end user computing, all of which have a impact on the greater global issues. I was interested to learn that datacentres are currently the source of 1% of global energy use, projected to grow to 14% by 2040. There was also some useful discussion around the battles of producing lower power components as well as lifecycles of end user computing and the impact of electrical waste due to those device lifecycles. Something that stayed with me from Henrik Brogger's presentation was that something as innocent as a tweet from the likes of Ronaldo uses the equivalent power required to run a UK household for 5 years. I also found some other topics discussed useful such as carbon footprint (particularly within the “cloud”) and the idea of having a carbon footprint label the same as ingredients label.

Survivability. This is an area which more directly relates to my work in a university cyber security team. There were some excellent talks regarding ransomware experiences of other institutions. The insights of the colleagues sharing the experiences of ransomware are worrying but at the same time reassuring and the quote by Sarah Lawson ‘don't panic’ related well to her real-world example of when in dire situations we must take a deep breath and not become overwhelmed by incidents. The conference has helped me reflect on our own organisation. I definitely intend to take away some of the ideas and incorporate them in our own business continuity planning and incident response plans, as well as proactively taking some of these shared experiences and applying them to our attack surface reduction efforts.

 

Larry Allotey
Data & Voice Network Manager
Kingston University London

The DIG22: SurvivabilITy and SustainabilITy, was my first event with UCISA and my first time in Newcastle. I was not sure how the whole UCISA event would work but was astounded at the variety of presentations, which were very informative, and it was a valuable 2 days.

Within my organisation we are working a network transformation project, so I wanted to gain some insight, and initiate new contacts and share understanding of our journeys with other key decision makers and experts. I also wanted to learn about strategies which we could implement.

It was lovely that I could arrive the evening before to explore Newcastle town by myself and also catch up with 10 other delegates on a pre-booked Solution Provider’s sponsored night out. It was valuable in building my knowledge and understanding the challenges facing other delegates within Higher Education (HE).

The two days were very informative with inspirational presentations, and speakers from other HE, Vendors and Solution Providers. They shared recent incidents and real-life examples of SurvivabilITy and SustainabilITy in their environment. The breakout business meetings offered an opportunity to ask detailed and useful questions. I had several one-to-one business meetings with specific suppliers, who weren't there to try and push their products, but actually spoke to me about how they could tailor a solution and help with our network transformational journey. I think the event presented an efficient way of making contact with other institutions and suppliers.

The unique aspect of the event was playing the interactive educational game called Cyber Security in Practice - Learning with Lego” which was designed to teach the principles and value of quantitative IT security risk calculation. This was based on real life security incidents. For the role play-based game we were put in a team to drive security decisions against other teams. The aim was to generate the most income for the team business whilst defending it from the impending cyber security attacks. Proudly, my team won the game, designed by Dr Rebecca Robinson from Lancaster University.

Spending time with the vendors was really useful, because not only did they get to explain and pitch their product, but we also got to ask questions and learn from the other institutions

My takeaways from the event were as follows:

SurvivabilITy

  • We need to plan for the worse and hope for the best
  • We should look at our entire IT infrastructure to make sure we have the smallest attack surfaces. Should the unthinkable happen we are in the best position to get the organisation back up and running as quickly and safely as possible.

SustainabilITy

  • It has not always been a yardstick for the purchase and maintenance of kit, but now is something we should consider
  • We should look hard at our IT estate, and make sure we are making decisions for the benefit of institutions and the planet.

Overall, the two-day event was very good and inspiring. I met some key contacts and learnt a lot which I can now implement within my organisation. I will highly recommend this event to anybody wishing to increase their knowledge within various IT fields.