Case Study. Encode helps University of Aberdeen strengthen security and reduce false positives with advanced security intelligence platform

Similar documents
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

DIGITAL TRUST Making digital work by making digital secure

CYBER RESILIENCE & INCIDENT RESPONSE

The McGill University Health Centre (MUHC)

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

SECURITY SERVICES SECURITY

External Supplier Control Obligations. Cyber Security

KEDAYAM A KAAPAGAM MANAGED SECURITY SERVICES. Kaapagam Technologies Sdn. Bhd. ( T)

to Enhance Your Cyber Security Needs

IN THE FRAME. Computacenter Public Sector Frameworks FRAMEWORK

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

A Comprehensive Guide to Remote Managed IT Security for Higher Education

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

RSA INCIDENT RESPONSE SERVICES

Continuous protection to reduce risk and maintain production availability

RSA INCIDENT RESPONSE SERVICES

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

NEXT GENERATION SECURITY OPERATIONS CENTER

Cyber Security Technologies

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Security-as-a-Service: The Future of Security Management

BHConsulting. Your trusted cybersecurity partner

HOSTED SECURITY SERVICES

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

Networks

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

Security

Cyber Security School

Click to edit Master title style. DIY vs. Managed SIEM

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Securing Your Digital Transformation

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Accelerate Your Enterprise Private Cloud Initiative

How to Write an MSSP RFP. White Paper

Background FAST FACTS

Canada Life Cyber Security Statement 2018

White Paper. How to Write an MSSP RFP

CYBER SECURITY OPERATION CENTER

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

RUAG Cyber Security Understand Cyber. Protect Values.

EMC should be your partner of choice for Transforming Your IT Organization. We are the largest information-focused consultancy in the world.

The Resilient Incident Response Platform

Symantec Security Monitoring Services

PREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

PULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc

Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today

INTELLIGENCE DRIVEN GRC FOR SECURITY

TRUE SECURITY-AS-A-SERVICE

Uptime and Proactive Support Services

COMPUTACENTER AND CITRIX TOGETHER

Cisco ONE for Access Wireless

NETWORK AND SD-VPN. Meshing legacy and Cloud Service Providers

Security by Default: Enabling Transformation Through Cyber Resilience

Cyber Security Program

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Manchester Metropolitan University Information Security Strategy

AKAMAI CLOUD SECURITY SOLUTIONS

Security Awareness Training Courses

PT Unified Application Security Enforcement. ptsecurity.com

Transforming Security from Defense in Depth to Comprehensive Security Assurance

locuz.com SOC Services

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

IBM Next Generation Intrusion Prevention System

ARC VIEW. Critical Industries Need Active Defense and Intelligence-driven Cybersecurity. Keywords. Summary. By Sid Snitkin

Snort: The World s Most Widely Deployed IPS Technology

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

May the (IBM) X-Force Be With You

IBM Security Services Overview

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

CAPABILITY STATEMENT

Smart Data Center Solutions

VMware Cloud Operations Management Technology Consulting Services

2017 Company Profile

Staffordshire University

HP Fortify Software Security Center

Cisco SP Wi-Fi Solution Support, Optimize, Assurance, and Operate Services

NexGen Solutions Education Guide

Cybersecurity Auditing in an Unsecure World

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Cisco Start. IT solutions designed to propel your business

Bristol t e Exeter t e

RSA NetWitness Suite Respond in Minutes, Not Months

BT Compute. BT Private Compute. Dedicated cloud infrastructure hosting your IT. BT Compute

IBM services and technology solutions for supporting GDPR program

M&A Cyber Security Due Diligence

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

BRING EXPERT TRAINING TO YOUR WORKPLACE.

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

BHConsulting. Your trusted cybersecurity partner

Symantec Endpoint Protection Cloud (SEPC)

WHITEPAPER ATTIVO NETWORKS DECEPTION TECHNOLOGY FOR MERGERS AND ACQUISITIONS

भ रत य ररज़र व ब क. Setting up and Operationalising Cyber Security Operation Centre (C-SOC)

Security Information & Event Management (SIEM)

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Transcription:

Encode helps University of Aberdeen strengthen security and reduce false positives with advanced security intelligence platform

Summary For the University of Aberdeen, protecting IT infrastructure serving over 16,000 staff and students is a round the clock task. As part of an ongoing strategy to deliver secure IT to any device, anytime, anywhere ; the University contracted Encode to help it proactively detect and prevent cyber-attacks through the deployment of an advanced Security Information and Event Management (SIEM) solution. In just a two week engagement complete with expert professional services and training, the University IT services team has gone live with IBM QRadar Security Intelligence Platform and improved visibility into its diverse and growing IT estate. Through integration with existing security technologies and intelligent rules, the SIEM has reduced the time consuming and largely manual inspection of security logs while negating many false positives. As part of an ongoing strategy to deliver secure IT to any device, anytime, anywhere ; the University contracted Encode to help it proactively detect and prevent cyber-attacks Through a structured training programme delivered by Encode, the University team is now selfsufficient and gaining operational benefits that are helping it to meet the challenges faced by complex security threats as its strives towards its goal of delivering flexible and secure IT services. 2 / 5

Challenge Ranked consistently among the top 1% of the world s universities, Aberdeen is also one of Scotland s largest with 16,500 students from a community of 120 nationalities. Teaching and research is primarily based at its Old Aberdeen and Foresterhill campuses which include the majority of Life Sciences and Medicine, Arts, Social Sciences, Physical Sciences. Aberdeen is also named as Scotland s safest University City according to the influential Complete University Guide and that record also extends to secure IT Services that supports tens of thousands of users as well as spinout companies that have commercialised research of which it is the 6th most successful university in the UK. IT services also delivers and protects one of the largest wireless campuses in Europe as part of a strategy to continually improve student accommodation and facilities. IT services also delivers and protects one of the largest wireless campuses in Europe as part of a strategy to continually improve student accommodation and facilities. As part of its 5 year strategic plan for IT services, for the University to maintain its competitive edge, it aims to meet the expectation of any device, anytime, anywhere. Student and staff expectations are ever increasing in terms of availability of systems, course materials, delivery models, delivery mechanisms, and support. Technologies need to be up-to-date and support innovation, and the University always needs to be looking to and planning for the future. In addition, compliance is a major feature of University management and effective and efficient information systems are needed to ensure that the University maintains data integrity and is positioned to meet its legal and contractual obligations. Recognising the continual growth and complexity of IT within the University, the IT services team are engaged in an ongoing programme to assess the effectiveness of new technologies to both help it meet its any device, anytime, anywhere aims, while ensuring the highest levels of security across its infrastructure. However, complexity equates to an increased and exposed cyber attack surface. There s no such thing 100% security, thus breaches must be expected. The issue is around how early can breaches be detected and end points rapidly closed down before damage is caused? With the growth of its systems, the IT services team felt that the time consuming manual inspection of application and other logs to detect and respond to security threats was starting to limit the effectives of its capabilities. In response, the team began evaluating a number of Security Information and Event Management (SIEM) solutions to help correlate information and highlight previously difficult to detect security issues across it growing IT estate. 3 / 5

Solution Aberdeen University has 160 members of staff within IT services responsible for management, operation and support of the University s wired and wireless networks, server infrastructure, telecommunications, audio visual and media services. The team also supports email and calendaring, web resources, corporate applications, medical illustration, IT training and supporting documentation across multiple sites. Following an RFP and detailed evaluation process of several SIEM technologies and suppliers, the IT services team selected Encode as its preferred solution provider based on its proven track record and expertise with its preferred SIEM Technology, IBM QRadar. Working closely with consulting and implementation experts from Encode, the University defined a number of key criteria the solution needed to address. The university has a highly diverse environment including network elements from Cisco, Juniper, F5 Networks, Bluecoat, HP and FreeRadius. The diversity extends to the operating system and application layer, which includes critical software running on Linux, UNIX and Microsoft Windows. The SIEM needed to be seamlessly integrated with this environment and able to adapt to new threats posed by growth of its Bring-Your-Own-Device (BYOD) strategy. Following an RFP and detailed evaluation process of several SIEMs and suppliers, the IT services team selected Encode as its preferred solution provider based on its proven track record and expertise with the QRadar platform Working closely with Encode, the University deployed a QRadar SIEM and engaged in a structured education programme to transfer the core skills needed to allow the IT services team to manage the platform and quickly gain more visibility into its diverse infrastructure. QRadar offers a Security Intelligence Platform within a unified architecture for integrating security information and event management, log management, anomaly detection, incident forensics and configuration and vulnerability management. The SIEM offers near real-time correlation and behavioural anomaly detection to identify high-risk threats. Working with Encode, the University went through a tuning process to ensure that data was correctly flowing into QRadar from over 40 sources including server and network elements. Encode s IBM QRadar solution, in the context of a large evolving and diverse IT estate, provides a last line of defence against targeted cyber attacks engineered to evade even the most sophisticated perimeter and endpoint defences. 4 / 5

Benefit Within just two weeks, the IT services team were up and running and able to significantly reduce its largely manual workload associated with correlating security logs across its infrastructure. Using the out of the box rules engines, the SIEM has given the team the ability to be alerted on a number of issues that might arise such as brute force attacks against user logins as well as more subtle attempts to subvert DNS and other core network routing processes. QRadar also ties into a number of existing security software applications and uses correlation across a number of metrics to help reduce false positives and prioritise alerts to focus investigations on an actionable list of suspected incidents. IBM QRadar augments the university s impressive defence in-depth to provide enhanced security assurance. The SIEM means we have the ability to build new rules that can adapt to our evolving IT demands while improving our ability to detect more complex IT security threats and deal with them in a timely fashion, Garry Wardrope IT Security Manager adds. Since implementation, Encode has worked with the University in a consultancy position and advised on ways to increase the capability of the system as well as optimisation in regards to ongoing IT upgrades and migrations. Encode is an invaluable partner for us during this project and the new SIEM is helping us to meet our strategic goals to deliver enhanced access to our data and services, ensuring security is robustly designed and a transparent part of the service, Garry Wardrope concludes. 5 / 5

Encode UK Level 33, 25 Canada Square, London E14 5LB encodegroup.com +44 (0) 207 038 8305 info@encodegroup.com Copyright Encode. All rights reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback