Taking a cue from Marvel’s Avengers, companies operating across a wide swath of industries are banding together to fight cybercriminals. Joining forces are members of the auto industry, U.S. banks and major technology providers and vendors that have set aside their differences to share information and combat cyberattacks.
Now, higher education institutions are following suit. This year, Indiana University, along with partners Northwestern, Purdue, Rutgers and the University of Nebraska-Lincoln, announced a first-of-its-kind alliance to form the OmniSOC, a security operations center designed to provide a much higher level of cybersecurity by combining and analyzing the intelligence from all five universities and other sources.
In an EDUCAUSE article, the OmniSOC founders Daniel Calarco and Thomas Davis write, “Cyberthreats are increasing at a rate … beyond anything we’ve seen before. We felt the need to evolve rapidly as well, to be guarded for what comes next.”
Founding team members chose to start the alliance with partners from the Big Ten Academic Alliance, an academic consortium of schools that compete athletically in the Big Ten Conference. They have a 25-year history of collaborating on data sharing and security. Although the pair notes that “common bonds and trust” within the Big Ten are the foundation for the initial membership of the OmniSOC, they foresee that, eventually, any higher education institution will be able to become a member.
Humans and Machine Learning Prioritize Threat Info
The goal of the alliance is to “minimize the time from first awareness of a threat anywhere to mitigation everywhere for our members,” according to an OmniSOC YouTube video.
Each member of the OmniSOC has its own operations center that protects systems on its individual campus. At the same time, all five universities send threat information to the OmniSOC, which analyzes those threats with help from supplemental information from commercial and governmental sources.
A combination of human and machine learning then determine which threats need to be mitigated. If intervention is needed, OmniSOC teams quickly alert IT security on each campus to handle the incident. In the future, these processes will be automated.
OmniSOC Sees Early Success in Threat Detection
In a news release from Indiana University, Davis explained why cyberthreats to universities are so unique.
“With tens of thousands of students, faculty and staff, university campuses are really like small cities, with sensitive data and powerful computing systems that are coveted by cyber criminals,” he said.
Greg Hedrick, the Purdue University CISO, agreed. In an article for Campus Technology, he said, “Higher education is for the most part an open environment, so we often see cybercrimes that others have not. My hope is that this information can be shared with others outside of our community in order to protect the entire ecosystem.”
OmniSOC members are already seeing success. Within a week of implementation, Indiana University detected a threat on its system that would have otherwise been invisible. In a blog post for the OmniSOC website, Andrew Korty, IU’s information security officer, said, “We are confident this approach will improve our threat preparedness over time.”