We are delighted to report that the rollout of the HEAnet Security Operations Centre (SOC) & Security Information and Event Management (SIEM) Services has progressed very well since the beginning of the year, and the services are now live for the initial clients that have been onboarded.
In June 2023, the Minister for Further and Higher Education, Research, Innovation and Science, Simon Harris, announced funding of €3.75 million to boost further and higher education institutions’ defences against cyber-attack by establishing 24/7 monitoring and threat detection and response services for the sector.
HEAnet clients availing of this service will benefit from reduced time to detect and respond to threats, allowing them to act quickly to contain the threat, thereby reducing the likelihood of a breach and minimising the associated impact.
The sectorial approach to providing this service removes the high upfront costs and complexity associated with managing a SIEM platform and the establishment of a SOC. This approach also leverages the power of the community in terms of cost benefits, knowledge sharing and insights.
HEAnet has established a Cyber Security Centre of Excellence to support the sectorial approach to delivery and support the SOC & SIEM service establishment with client onboarding. This will ensure value for the sector is optimised in the life of the services, post project.
The HEAnet Security Operations Team also provide product steering for the development of further detection use cases, and to issue both proactively from threat hunting activities, and in response to security incidents reported by the SOC. While SOC & SIEM is the priority and immediate focus of the team, HEAnet will continue to focus on building out a wider portfolio of cyber security managed services.
Phase 1 of the HEAnet SOC & SIEM Service Establishment project commenced in January 2023 with an initial select group of clients, where the objective was to provide early indication and learnings from the service onboarding process, and transition to early life delivery of service. This phase is nearing completion, and the service is now live. The Security Operations Team are now actively monitoring, investigating alerts, and reporting cases to clients where investigation, containment, and remediation response steps are identified and advised to HEAnet clients.
Phase 2 of the project began in March 2023 with an expression of interest process to identify clients that had a requirement for this service; HEAnet SOC & SIEM Service were then able to commence with deployment and onboarding. Phase 2 is now at an advanced stage and nearing completion of deployment for the first tranche of clients, with an objective to engage and onboard seventeen (17) HEAnet clients through to the end of 2023.
The Security Operations Overview Report provides the high-level security operations statistics for the service at this initial stage of delivery; this indicates the value and provides early validation of the SOC & SIEM service benefits. The statistics show that, at the wide end of the funnel, the input is alerts from a comprehensive range of client log sources and network sensors. In contrast, the output of the service is fine-tuned, actionable case reports, allowing clients to prioritise and focus their attention where it is most required, thereby enabling an early response to investigate, contain and remediate the reported threat.
For more information on HEAnet SOC & SIEM Services please visit:
https://www.heanet.ie/services/security-services/soc-siem-services
If you would like to enquire about availing of this service, please contact noc@heanet.ie