For 25 years, GÉANT – and its predecessors – have contributed to the evolution of the Research & Education (R&E) security landscape, combining technical expertise with deep community collaboration. Today, security is central to GÉANT and the NREN community and aligns with Europe’s vision for a secure digital future. Let’s take a look at this evolution.
The early years (Pre-2000)
Community roots
Security in the R&E world began as a loosely coordinated effort. The internet was still new, and R&E institutions considered themselves low-risk targets. Nevertheless, the need for cooperation started arising. These early years saw the creation of the Task Force for Computer Security Incident Response Teams (TF-CSIRT) which aimed to bring together emerging European CSIRTs, offering a platform to share knowledge and build trust.
Technical foundations
Technical security in this period was reactive. Protocols like FTP and Telnet were widely used. Incident response was ad-hoc, with most solutions devised in response to immediate threats. Yet, this groundwork led to the emergence of collaborative incident handling, which paved the way for more substantial technical defences in the years to come.
2000–2010: Building capacity
Community growth
This decade saw significant expansion of the R&E security community. The TRANSITS training programme became a key tool in strengthening CSIRT teams across Europe, equipping staff with the technical and soft skills necessary to address increasingly complex threats. Events and community groups, such as TF-CSIRT meetings started to provide the space to facilitate cooperation and build institutional expertise.
Technical Innovation
Technical services began to emerge in response to the growing threat landscape. GÉANT started integrating security into the core of network services, laying the groundwork for more structured approaches. Meanwhile, the Trusted Certificate Service (TCS) provided a vital trust anchor for secure communication across R&E networks.
2010–2020: Security becomes strategic
Community strengthening
By now, nearly every NREN had a CSIRT, due in large part to capacity-building efforts over the previous decade. These years saw the establishment of the Special Interest Group on Information Security Management (SIG-ISM) with the objective to provide an open forum to exchange information, knowledge and best practices. The decade culminated with the formalisation of such efforts with the creation of the security work package (WP8), in the context of the GÉANT Project GN4-3, focusing on the institutionalisation of security practices across the community. Additionally, a shift toward a culture of proactive resilience was highlighted by the launch of CLAW, GÉANT’s crisis management workshop aimed to enhance NRENs’ crisis preparedness.
Advanced services
R&E security had to adapt to more sophisticated threats, including targeted data theft and service disruption. Firewall on Demand (FoD) was introduced to mitigate DDoS attacks rapidly. DDoS mitigation techniques were refined, and monitoring systems became more intelligent. GÉANT continued to develop and expand its technical capabilities while integrating threat intelligence and situational awareness into its operations. During this period, eduGAIN, together with eduroam, became vital components in secure access and identity management, helping users connect to resources and networks across borders. The eduVPN service, co-developed with NORDUnet and SURF in 2015, addressed the growing need for secure and user-friendly remote access.
2020–Now
Community-led maturity
With the threat landscape constantly shifting, fuelled by geopolitical tensions, growing cybercrime, AI and disinformation campaigns, R&E institutions can no longer afford not to give security a place at the decisional table. The GÉANT community has responded with a more structured approach to preparedness.
The GÉANT Security Baseline, collaboratively developed with NRENs, has provided a practical framework for assessing and improving institutional security maturity. The Security Bootcamps, hands-on, interactive training programmes designed for NRENs to help them implement the GÉANT Security Baseline, are addressing the need for institutional readiness at the strategic level. Also worth mentioning the quarterly cyber threat report, the latest collaborative effort that exemplifies a joint commitment to collective security.
Security Days Conference
First held in April 2024, GÉANT Security Days has become a prominent event for the international R&E community. The conference, whilst enabling the exchange of threat intelligence, insights, and best practices, offers a dedicated space for experts to address shared challenges and develop collaborative solutions.
Technical resilience
Modern R&E networks are deeply interconnected and potentially susceptible to cascading failures. To meet these challenges, GÉANT has prioritised scalable, automated defences, improved threat intelligence monitoring and sharing, and continuous integration of security into all service development.
In addition, solid secure communications, the increase of cybersecurity awareness alongside the roll-out of NIS2 legislation are contributing to further solidify the importance of a unified security posture across Europe.
Looking ahead
Security in the R&E sector has evolved from a niche concern into a strategic imperative. GÉANT’s commitment to shared learning, community empowerment, and solid technical solutions remains at the core of its mission.
“Collaboration is key. By sharing experiences and challenges we have come a long way and will need to continue joining forces against cyber threats to R&E.” Alf Moens, Security Lead, GÉANT
With a strong foundation built on 25 years of collaboration and innovation, the GÉANT community is well-positioned to face the next wave of security challenges, together.
Read the full online magazine here
