acm-header
Sign In

Communications of the ACM

ACM Careers

Higher Education Joint Cyber Security Operations Center Launches


View as: Print Mobile App Share:
OmniSOC logo

Indiana University, Northwestern University, Purdue University, Rutgers University, and the University of Nebraska-Lincoln have announced the launch and activation of OmniSOC, a specialized, sector-based cyber security operations center (SOC) that provides trusted, rapid, actionable cyber intelligence to its members.

OmniSOC is a pioneering initiative of these Big Ten Academic Alliance universities with a goal to help higher education institutions reduce the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for members.

"With tens of thousands of students, faculty, and staff, university campuses are really like small cities, with sensitive data and powerful computing systems that are coveted by cyber criminals," says Tom Davis, OmniSOC founding executive director and chief information security officer. "Protecting hundreds of thousands of devices and critical data requires expertise, systems, policies, and rapid response when new vulnerabilities become known. While campus-by-campus approaches are essential, they are not sufficient for the sophistication of modern cyber risks. The OmniSOC enhances the work of local security professionals to provide greater real-time, sophisticated threat detection, analysis, and action for our members."

OmniSOC is based at Indiana University and leverages two decades of experience and capabilities from GlobalNOC, the 24/7 Global Research Network Operations Center that provides services to government, research, and education networks across the United States. Using real-time security information data feeds from each member campus, as well as governmental and corporate security subscriptions, OmniSOC identifies suspicious and malicious activity requiring mitigation and provides rapid incident response through human analysis and machine learning.

In addition to GlobalNOC, OmniSOC works in close coordination with the federally chartered Research and Education Networking Information Sharing and Analysis Center at IU. Established in 2003, REN-ISAC's primary mission is to aid and promote cybersecurity protection, response, and information sharing among its 580 members within the research and higher education communities.

"Each industry or sector of the economy has a unique lens on its risk tolerance, policies, regulation, and response," says Brad Wheeler, IU vice president for IT and chief information officer. "OmniSOC is a leading exemplar of establishing focused, sector-based shared cybersecurity services by doing so for large complex universities. My Big Ten CIO colleagues and I quickly realized that we could fight these risks better and faster if we joined forces to rapidly accelerate detection and mitigation across our institutions. The idea went from concept to first operations in a year, and we are already spinning up the specific services that our collective chief information security officers have planned."

OmniSOC has chosen the Elastic Stack as its security analytics platform. The Elastic Stack is used to ingest, correlate, and analyze vast quantities of information to detect and hunt for cyber threats to member systems.

"Higher education is for the most part an open environment, so we often see cyber crimes that others have not," says Greg Hedrick, chief information security officer at Purdue University. "By allowing us to monitor across higher education, OmniSOC helps to improve our capabilities to identify and react more quickly to these bad actors. My hope is that this information can be shared with others outside of our community in order to protect the entire ecosystem."

Davis says that in the years to come, OmniSOC plans to expand membership beyond the Big Ten Academic Alliance as it scales up services.


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account