OmniSOC: One Year of Helping Secure Higher Education
Time 12/10/19 01:40PM-02:30PM
Room Nottoway (4th)
OmniSOC is a new shared cybersecurity operations center for higher education. Founded by Northwestern University, Purdue University, Rutgers University, the University of Nebraska-Lincoln, and Indiana University, this pioneering initiative strives to help higher education institutions reduce the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for members.
In this talk, Charles Kloote, manager of platform engineering, and Rich Graves, principal security engineer, will give an overview of the history of the OmniSOC and its approach to security event management. They will discuss the technical design and underpinnings of the OmniSOC security information and event management (SIEM) infrastructure, including how it is built, managed, and maintained using a DevOps model of development and IT operations. They will also discuss how the the OmniSOC security engineering team uses the platform to act as a "co-processor" to member information security teams and identify issues that may have otherwise gone undetected. This includes how OmniSOC's understanding of the security issues facing higher education, and ability to see the data from multiple institutions, gives us unique insight into the security environment.
This talk will also include the technology and tools OmniSOC uses to make all this work, and lessons from our experience building, running, and using these tools and platforms. In summary, we will cover future plans for OmniSOC, including new tools and strategies we plan to explore in the coming year.
Speaker Charles Kloote Indiana University
Primary track Information Security