In today’s digital landscape, education is one of the most targeted sectors for ransomware attacks. Reflecting on continued conversations with our community, we heard the need for a collaborative and cost-effective cybersecurity solution. ORION recognized the importance of developing a Security Information and Event Management (SIEM) tool that enables the higher education sector to detect and protect against increased cyber threats. Our goal was to help institutions respond swiftly to security incidents, safeguard sensitive data, and avoid devastating consequences.
ORION Shared SIEM Proof of Concept
We conducted a proof of concept to evaluate the effectiveness and benefits of implementing a collaborative SIEM solution that protects the community from cyberattacks. From 2020 to 2021, we worked with two colleges and one university to establish a centralized system that focused on detecting and notifying incidents.
In 2022, we embarked on a pilot during which our team expanded the list of monitored use cases and migrated them to a new platform. They tested the SIEM across different use cases, investigated cloud-based technologies, and increased the ratio of true positives when detecting cyber threats.
We are excited to have completed the ORION Shared SIEM pilot. We learned the value of a collective approach to security monitoring and incident response, which led to improved security outcomes for the participating organizations. We used lessons learned from the pilot to inform the development of a Security Operations Centre (SOC) offering for the higher education community.
Stay Ahead of Cyber Threats: Shared SIEM for the Research and Education Community
We understand that institutions have limited resources, and we play a key role in improving their cybersecurity posture. Shared SIEM identifies threats proactively, so organizations have more time to focus on their core business objectives.
Higher education institutions can leverage community resources and expertise to gain a more comprehensive view of the threat landscape. Paired with SIEM technology, ORION security analysts will notify organizations of actionable threats and important events.
Shared SIEM offers near real-time monitoring of incidents, enabling universities and colleges to address vulnerabilities before attackers exploit them, further advancing their threat detection and response.
Moreover, Shared SIEM makes it easier for security teams to detect risks ahead of time. Organizations can use actionable intelligence to stay ahead of emerging threats and adapt to evolving security challenges more effectively.
ORION is proud to work with higher education institutions to develop a Shared SIEM solution. Over the past couple of years, we have been listening to and learning from our community. We will use the insights gained from the proof of concept to inform the development of the SIEM further. We are fine-tuning the system to reduce false positives, provide actionable intelligence, and update the platform to better serve our constituents.
We had the opportunity to collaborate with ORION on the SIEM proof of concept. It will be easier for us to detect security threats before attackers exploit them. In doing so, we are better equipped to protect our students and staff. ORION Shared SIEM will be a powerful tool that higher education can collaboratively leverage to improve all of our overall cybersecurity postures.
Strengthening Cybersecurity in Higher Education: Next Steps for ORION Shared SIEM
With the involvement of the community, ORION will continuously improve the Shared SIEM monitoring technology to meet the needs of higher education institutions, enabling them to better protect against cyber threats and the constantly evolving cybersecurity threat landscape.
We recognize that cybersecurity is an ongoing journey, so we will continue to expand our platform to enhance the security posture of our community.
Protect your institution from cyber threats today. Reach out to our experts to learn more about Shared SIEM: communitydev@orion.on.ca