Case Study: MDR for a University

08 March 2023

By NCC Group

Situation

In early 2019, a leading UK university engaged NCC Group’s services to validate the cyber security posture of the organization.

After a comprehensive operation, it became clear that there were a number of areas that needed improvement to bring the organization to the standard it required. NCC Group was enlisted to design a comprehensive package, including a broad, ongoing Managed Detection and Response (MDR) solution.

During this engagement, NCC Group was presented with a time-critical challenge: the university was involved in essential COVID-19 research, and NCC Group worked round the clock to deliver essential cyber security assurance.

At a Glance

Organization - UK-based university

Industry - Education

Challenge - Providing assurance, monitoring, and detection services for a 30,000-strong university

Solution - NCC Group consultants designed a multi-layered solution, including MDR, SIEM, and 24/7 Security Operations Center (SOC) monitoring

Result - The organization's security has been greatly improved, and its research endeavors are much better protected thanks to the monitoring and detection services

Challenge

With around 30,000 students across six faculties, the challenge was considerable. From previous experience in the higher education sector, NCC Group has learned that securing universities from a cyber threat can be more involved than in other sectors.

Liberal expectations of information sharing from the student body need to be balanced with the requirement to protect extremely valuable intellectual property. A nuanced and segmented approach to risk is required. Additionally, a solution was required that worked equally well for on-premises and cloud architectures as the customer operates an enterprise that draws on both designs.

As is often the case with large organizations with a high-turnover user base, one of the most fundamental security requirements is an accurate understanding of the enterprise deployment in a way that is digestible by security teams. Once baselined, the next priority is to implement a solution that will identify malicious activity at the earliest possible stage and accurately report incidents so that effective remediation can be conducted.

Solution

NCC Group consultants designed a multi-layered solution, including an MDR suite incorporating SIEM, endpoint detection, and network detection with a unifying service wrap centered on a 24/7 SOC facility. Under NCC Group project management, the full service was deployed progressively from the summer of 2019.

The specific requirement to deploy a full network discovery and access control solution was something that had not previously been delivered in the Managed Service model. However, NCC Group developed the service at pace, implementing a working solution in concert with the other elements of MDR.

A year after the start of the project, the customer now has a comprehensive managed service in place, with the result that their in-house security team gets informed quickly and only when they need to be, allowing them to focus exclusively on what matters.

Result

During the deployment, a further short-notice challenge was presented. The customer was involved in research supporting a WHO trial and needed to establish dedicated infrastructure to contribute to the global mega trial of the four most promising coronavirus treatments.

They urgently required assurance that their solution was secure and fit for purpose. The request was understandably time-critical, and therefore NCC Group worked round the clock to ensure the infrastructure was penetration tested, remediated, and added to 24/7 monitoring within three days.

One year following the start of NCC Group’s engagement with the university, its cyber risk was detailed and demonstrated, a risk mitigation solution was designed, and 24/7 MDR was implemented. The result is an organization that is fundamentally far better informed and far more secure, enabling the university to continue to conduct this research with greater peace of mind that it is equipped to handle any potential security incidents.

NCC Group

NCC Group exists to make the world safer and more secure.

As global experts in cyber security and risk mitigation, NCC Group is trusted by over 14,000 customers worldwide to protect their most critical assets from the ever-changing threat landscape.
