• Employee profile and compensation data;
• Payment data from students, administration and vendors;
• Protected health information;
• Intellectual property and research; and
• Donor profiles and giving histories.
When a school is struck by a cyber breach, the impact isn’t just reputational; it’s expensive. The average cost of a data breach in 2017, according to Ponemon Institute, reached $245 in education for each compromised record. If you have
a thousand students in your school, mop-up could easily reach a quarter of a million dollars.
A Better Approach: SOC-as-a-Service
While setting up a SOC internally may be costly and time-consuming for schools, ignoring the problem isn’t an option either. But there may be a middle road: SOC-as-a-Service. IT can hire the right outside service firm to do the job for them. The advantage: SOC-as-a-Service incorporates a fully outfitted operation for detecting, assessing, preventing and responding to threats and incidents, and can deliver cybersecurity oversight 24/7.
For example, one Illinois institution was being overrun with phishing attempts, requiring IT staff to work overtime to keep up. Those attacks weren’t just targeting ordinary students or staff, they were going right to the C-level too with “really well-crafted phishing attacks that were catching them off guard,” recalled Miller. And even though the university formed a dedicated security team, its members needed more training to stay on top of the threats. Expanding the IT staff wasn’t an option. By mid-summer, IT leadership decided to look for more help.
After considering the purchase of an on-premise security incident event management (SIEM) tool, the university went the route of hiring a SOC-as-a- Service provider instead. Quickly, that company (BitLyft) was able to expose logins from unfamiliar locations and bounces from other countries, enabling the school to put a process in place to reduce reaction time before a breach even began. The time dedicated to dealing with individual cases of phishing has been closed down to near-zero.
A SOC-as-a-Service vendor can furnish the 24/7 staff and resources required so that the next time a user accidentally clicks the wrong link, what should be a minor security incident doesn’t become a full-blown event or an IT overtime nightmare.
Beyond SOC- as-a-Service
Integrating a SOC can address some of the constraints and challenges that universities
and colleges face, but the greater threat lies in the rate and complexity in which those threats evolve. “Without a comprehensive and evolving system, you’re always playing catch-up to the latest threat trends or you’re just reacting to breaches rather than proactively preventing them,” said Miller. “With the appropriate threat intelligence partner, you can leverage the combined attacks and neutralization of threats experienced by every client. Think of it like a shared immune system. If one person gets sick, we share those antibodies with everyone in the ecosystem immediately to immunize the whole group.”
While SOC-as-a-Service is
a giant step towards better protection, it’s one component of a larger story of the challenges IT teams face in keeping up with IT security.