Charles Sturt achieves high distinction in cyber resilience with Sekuro.
HIGHLIGHTS
Challenge
- Attacks against Australian universities have risen dramatically over the past five years. Charles Sturt takes its obligations to its students, research and learning and teaching partners very seriously, and its partners insist on robust security arrangements. Charles Sturt knew it had to be prepared to be a target.
- Charles Sturt has a large attack surface with a significant remote student population. The university has roughly 36,000 current on-campus and online students and 2,500 permanent employees, including eight physical campuses, and up to 7,500 endpoints to protect at any given time.
- The team had limited resources to develop full in-house cyber security capabilities.
Solutions
- Charles Sturt chose Sekuro’s Managed Security Services offering and now benefits from 24/7 proactive security operations management with coverage aligning to the NIST framework: Identify, Protect, Detect, Respond, and Recover.
- Charles Sturt’s IT Infrastructure and Security team can now focus on new and emerging threats and broader business opportunities since augmenting its team with Sekuro’s virtual Security Operations Centre (vSOC), which leverages CrowdStrike’s Falcon® platform for end-point security, Tenable Vulnerability Management and Splunk Enterprise.
Outcomes
- Since partnering with Sekuro, Charles Sturt has had no significant cyber-related incidents, creating a safer and smoother experience for students and staff.
““The tools and advice provided by Sekuro have been invaluable. We have found a trusted partner and everybody we’ve worked with has been wonderful and supportive. We’ve never felt on our own since.”
– Mark Duffy, Director of IT Infrastructure and Security at Charles Sturt University.
The Story
With a major increase in cyber attacks against Australian universities over the past five years, Charles Sturt’s Division of Information Technology realised it needed to initiate in a more mature and resilient cyber security framework to increase its capabilities to detect and respond to cyber threats 24/7.
With a large remote student population, the university has up to 7,500 endpoints to protect at any given time, including overseas campuses. Not only is there a large attack surface, but the nature of the data that a university holds makes it a major target.
Charles Sturt handles extremely sensitive data, and it also stores personal data for tens of thousands of students and staff and holds commercially valuable IP through its research programs, so maintaining a pristine security record is critical.
In examining its security posture, Charles Sturt realised it had the security basics down pat, however, its incumbent solutions didn’t have the right level of control or visibility to meet new security challenges. It also needed more capacity and expertise to prioritise and manage the constant barrage of alerts.
“Universities are no longer seasonal. Charles Sturt needed an ‘always-on’ mindset to security, making maintenance and support even more challenging. However, with a security function of just two people, this was a major challenge, and hiring a whole security team wasn’t an option,” said Mark Duffy, Director of IT Infrastructure and Security at Charles Sturt.
Charles Sturt University (Charles Sturt)
Charles Sturt is an Australian multi-campus public university with eight physical campuses across regional NSW and Victoria. It is the number one regional university for student starting salaries and has roughly 36,000 current students and 2,500 permanent employees.
With an increase in high profile cyber attacks against Australian universities, Mark Duffy, Director of IT Infrastructure and Security at Charles Sturt engaged Sekuro to ensure the University could be confident in its management of, and improving preparation against evolving threats.
Our Solution for Charles Sturt
To improve its cyber security posture in the face of rising threats, Charles Sturt knew it needed to scale its knowledge and experience in cyber security by augmenting its team and its capabilities. It also needed comprehensive protection of its devices and corporate networks with an advanced endpoint solution that could quickly detect and stop the latest threats.
After going out to tender, Charles Sturt chose to partner with Sekuro and its Managed Security Services platform, onboarding its virtual Security Operations Centre (vSOC), as well as CrowdStrike’s Falcon® platform, Tenable IO and Splunk Enterprise solutions.
Sekuro’s vSOC continually monitors security information and telemetry from organisation-wide ICT systems, network devices, endpoints, and applications. When an attack indicator is detected, the vSOC notifies Charles Sturt and assists by providing the details and the information required for further investigation by its team.
“Out of all of the teams we consulted throughout the RFP process, Sekuro was the most knowledgeable but also the most caring. The team spent a lot of time talking to us to understand the nuances of our requirements. It wasn’t a pre-canned response, and that’s why we chose Sekuro,” said Duffy.
Outcomes
Since bringing Sekuro on board, Charles Sturt has had no significant cyber-related incidents, creating a safer and smoother experience for students and staff.
“Our strong security stance has become somewhat of a selling point over competing institutions, which is just another example of the high ROI we’ve received from the project,” added Duffy.
When it came to the project implementation, the Charles Sturt team anticipated the process of vSOC onboarding and the rollout of CrowdStrike Falcon® across its endpoints was going to be a complex and arduous affair and had planned for a six-month project timeframe. Pleasingly, 50% of the project was complete after only two months, and with Sekuro having built a strong level of trust with Charles Sturt, the team was comfortable with adopting a more rapid deployment approach. From there, it only took two more weeks to finish the project.
An incident during the initial implementation phases highlighted the benefits of its new solution. Charles Sturt was a target of a ransomware attack where the devices running the old endpoint technology didn’t pick up any suspicious activity for 48 hours. It took only seconds for the new CrowdStrike Falcon® solution to detect and halt the attack.
Previously, the small Charles Sturt team could only focus on availability and was therefore less equipped to proactively respond to threats. Since augmenting the team with the vSOC and new technologies, it can now focus on new and emerging threats and broader business opportunities.
“We didn’t have the capacity before. Now we can actually breathe,” Duffy said.
By implementing Sekuro’s vSOC, Charles Sturt gained the expertise it needed to stay on top of threats. The team has more visibility across its environment as well as more support to filter out the noise so that its staff can focus on the bigger picture.
“The Sekuro team operate on really quick turnaround times and are always there when we need them. We really feel like we’re getting what we paid for,” concludes Duffy.
Why CrowdStrike?
Why did Charles Sturt choose CrowdStrike?
“After running a market tender with extensive requirements to assess each vendor, we found CrowdStrike to be the most complete solution, with the highest technical score and the most aligned to the approach we wanted to take. The price point was also a winning factor.”What benefits have you seen since implementing CrowdStrike?
"Sekuro’s implementation of CrowdStrike was incredibly smooth and successful. About halfway through the project we were confident there was little risk and were able to roll into business as usual and move at a really fast pace. We’ve been impressed with CrowdStrike’s technology and have become more secure because of it.”Mark Duffy, Director of IT Infrastructure and Security at Charles Sturt.
Sekuro #clientforlife
Sekuro’s Managed Security Services (MSS) acts as an extension of your security team. We provide fully managed 24/7/365 monitoring, detection, triage and response services. These services are carried out by certified security experts through our highly available and ISO 27001 compliant virtual security operation centre (vSOC).
Our technology and platform stack is SaaS and cloud-hosted, and integrated with the identity and access management (IAM) to protect against unauthorised access. Sekuro’s vSOC is designed to enable continuity, bypassing the disruptions that can occur in a physical capacity. Our MSS reduces the number of operational security personnel an enterprise needs to hire, train, and retain to maintain an acceptable security posture – taking the pressure off you.
Sekuro offers:
- Threat Monitoring, Triage and Notification
- Managed Detection & Response Plus
- Continuous Vulnerability Management Service