The OmniSOC will help campuses address larger and more complex cybersecurity threats, which often require expertise and rapid response, he adds.
“Campus-by-campus approaches are essential, [but] they are not sufficient for the sophistication of modern cyber risks. The OmniSOC enhances the work of local security professionals to provide greater real-time, sophisticated threat detection, analysis and action for our members.”
OmniSOC is based at Indiana University and leverages experience and capabilities from the 24/7 Global Research Network Operations Center (GlobalNOC) that provides services to government, research, and education networks across the nation.
OmniSOC uses real-time security information data feeds from each member campus, as well as governmental and corporate security subscriptions, to identify suspicious and malicious activity requiring mitigation. It also provides rapid incident response through human analysis and machine learning.
In addition to GlobalNOC, OmniSOC works in close coordination with the federally chartered Research and Education Networking Information Sharing and Analysis Center at IU, whose primary mission is to aid and promote cybersecurity protection, response, and information sharing among its 580 members within the research and higher education communities.
“Each industry or sector of the economy has a unique lens on its risk tolerance, policies, regulation and response,” says Brad Wheeler, IU vice president for IT and chief information officer. “OmniSOC is a leading exemplar of establishing focused, sector-based shared cybersecurity services by doing so for large complex universities. My Big Ten CIO colleagues and I quickly realized that we could fight these risks better and faster if we joined forces to rapidly accelerate detection and mitigation across our institutions. The idea went from concept to first operations in a year, and we are already spinning up the specific services that our collective chief information security officers have planned.”
“Higher education is for the most part an open environment, so we often see cyber crimes that others have not,” says Greg Hedrick, chief information security officer at Purdue University. “By allowing us to monitor across higher education, OmniSOC helps to improve our capabilities to identify and react more quickly to these bad actors. My hope is that this information can be shared with others outside of our community in order to protect the entire ecosystem.”
Davis said that in the years to come, OmniSOC plans to expand membership beyond the Big Ten Academic Alliance as it scales up services.