Following recent high-profile cyber attacks and the increasing level of cyber security threats facing the sector, HEAnet has been investigating what additional security services we could potentially provide to our clients.
HEAnet is actively looking to identify potential new cyber security services and determine their feasibility based on client interest, commitment, funding, and resourcing.
A Cybersecurity Advisory group (C-SAG) has been established to ensure that clients are involved in the process of identifying potential new services for evaluation. The C-SAG includes representatives from the IUA universities, IOT/TU sector, and ETBs. With the help of the C-SAG, the following shortlist of six potential new services has been identified:
- Security Operations Centre (SOC) including Security Information and Event Management (SIEM) and Log Management
- Pathway to Cyber Essentials and Cyber Essentials Plus certifications
- Global Threat Intelligence Sharing & Dissemination of Security Advisories
- Cyber Security and Awareness Training Services
- Active Directory Auditing Services
- Penetration Testing Services
The clear priority identified with the help of the C-SAG is the SOC & SIEM service and is the focus of current efforts with a project team established to progress it. However, this is also the most challenging option in terms of funding and resource requirements. Currently, the project team is completing a market Intelligence exercise to identify vendors and their services who could work with HEAnet and its clients to provide a managed SOC & SIEM service.
In parallel to the above activity, it is clear from discussions with Clients that they may need to procure additional security services, including SOC & SIEM. Therefore, the HEAnet project team, with the support of the Brokerage Services team, are currently working on a Dynamic Purchasing Scheme (DPS) to provide a procurement option for clients who need to procure security solutions and services. Unlike a procurement framework, one of the benefits of the DPS is that additional lots and vendors can be added as required.
The solutions and services that are looked at as part of the DPS include SIEM, SOC & SIEM, Virtual CISO (Virtual Chief Information Security Officer – vCISO), Incident management services, and evolving Threat Prevention solutions. The DPS is expected to be ready for Clients in Q2 2022.
If you have any queries on the above, please contact noc@heanet.ie.
