Re: [External] [SECURITY] Security Operations Center Management

["Foss, Henry L." <fossh () SACREDHEART EDU>]

We do not yet have one yet and are looking into Arctic Wolf and one or two other vendors.


Hank Foss  
Manager of Security Infrastructure 
Sacred Heart University
Main Campus HC112
Office: (203) 396-8279
Mobile: (203) 295-1356




-----Original Message-----
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Kevin Wilcox
Sent: Monday, January 25, 2021 6:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [External] [SECURITY] Security Operations Center Management

As the SOC manager here =)

Yes, we have a formal SOC. It's in its infancy.

Mix of two staff and two students, with (hopefully) more students coming.

No outsourcing, no co-managing.

Working with a service provider is on the radar but we're still getting the campus acclimated to the idea that we even 
have a group dedicated to SecOps, incident handling, some monitoring, etc (again, infancy).

kmw

On Mon, Jan 25, 2021 at 5:47 PM Carlton, Cynthia <cynthia.carlton () rochester edu> wrote:
> Good afternoon
>
>
>
> I’m working on doing a quick benchmarking survey on behalf of our CISO regarding SOC’s. I did find a previous posting 
> regarding an annual SOC survey and am reviewing that dataset and report. However, we would like to try and benchmark 
> as many Higher Ed and Academic Medical Centers as possible.  I will be happy to share the results of what I collect 
> if there is expressed interest. Please feel free to respond to me directly  - Cynthia.carlton () rochester edu. Thank 
> you in advance for your feedback!
>
>
>
> 1)      Does your organization have a formal Security Operations Center?
>
> a.       Is it fully staffed with internal resources?
>
> b.       Is it fully outsourced?
>
> c.       Is it co-managed with a service provider?
>
> 2)      If you do not have a Security Operations Center is it on your roadmap
>
> a.       Are you planning to fully staffed with internal resources?
>
> b.       Are you planning to fully outsourced?
>
> c.       Are you planning to co-managed with a service provider?
>
>
>
> The specific data we have been asked to report on was -  how many other Academic Medical Centers and Universities 
> have deployed a SOC and are they are doing it all in house or do they outsource some or all of it?
>
>
>
>
>
> Cynthia Carlton
>
> Information Architect
>
> University of Rochester
>
> Desk:   585-275-1068
>
> Email:  cynthia.carlton () rochester edu
>
>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire 
> community list. If you want to reply only to the person who sent the 
> message, copy and paste their email address and forward the email 
> reply. Additional participation and subscription information can be 
> found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
The sender of this email is external to Sacred Heart University. Do not click any links unless you know and trust the 
sender.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community