Five universities including Purdue launch joint cyber security operations center

WEST LAFAYETTE, Ind. — Five Big Ten Academic Alliance institutions, including Purdue University, on Wednesday (March 21) announced the launch and activation of the OmniSOC, a collaborative cybersecurity operations center.

OmniSOC, based at Indiana University, is a pioneering initiative with a goal to help higher education institutions reduce the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for its members. The other partners are Northwestern University, Rutgers University and the University of Nebraska-Lincoln.

“One of our chief challenges is responding to the increasingly skilled, persistent threats to Purdue’s network,” said Gerry McCartney, executive vice president for information technology and chief information officer at Purdue. “We see this partnership as giving us a powerful new tool to address this challenge, while at the same time developing techniques that may benefit others in higher education and beyond.”

With tens of thousands of students, faculty and staff, university campuses are really like small cities, with sensitive data and powerful computing systems coveted by the kinds of people behind cyber threats, said Tom Davis, OmniSOC founding executive director and chief information security officer who was Indiana University’s chief security officer.

“Protecting hundreds of thousands of devices and critical data requires expertise, systems, policies, and rapid response when new vulnerabilities become known,” Davis said. “While campus-by-campus approaches are essential, they are not sufficient for the sophistication of modern cyber risks. The OmniSOC enhances the work of local security professionals to provide greater real-time, sophisticated threat detection, analysis and action for our members.”

The OmniSOC leverages two decades of experience and capabilities from the 24/7 Global Research Network Operations Center (GlobalNOC), which provides services to government, research and education networks across the nation. Using real-time security information data feeds from each member campus, as well as governmental and corporate security subscriptions, the OmniSOC identifies suspicious and malicious activity requiring mitigation and provides rapid incident response through human analysis and machine learning.

In addition to GlobalNOC, OmniSOC works in close coordination with the federally chartered Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) at Indiana. Established in 2003, the REN-ISAC’s primary mission is to aid and promote cybersecurity protection, response and information sharing among its 580 members within the research and higher education communities.

“Each industry or sector of the economy has a unique lens on its risk tolerance, policies, regulation and response,” said Brad Wheeler, IU vice president for IT and chief information officer. “OmniSOC is a leading exemplar of establishing focused, sector-based shared cybersecurity services by doing so for large, complex universities. My Big Ten CIO colleagues and I quickly realized that we could fight these risks better and faster if we joined forces to rapidly accelerate detection and mitigation across our institutions. The idea went from concept to first operations in a year, and we are already spinning up the specific services that our collective chief information security officers have planned.”

OmniSOC has chosen the Elastic Stack as its security analytics platform. The Elastic Stack is used to ingest, correlate and analyze vast quantities of information to detect and hunt for cyber threats to member systems.

“Higher education is for the most part an open environment, so we often see cyber crimes that others have not,” said Greg Hedrick, chief information security officer at Purdue University. “By allowing us to monitor across higher education, OmniSOC helps to improve our capabilities to identify and react more quickly to these bad actors. My hope is that this information can be shared with others outside of our community in order to protect the entire ecosystem.”

Davis says that in the years to come, OmniSOC plans to expand membership beyond the Big Ten Academic Alliance as it scales up services. Learn more about OmniSOC: https://omnisoc.iu.edu/ and watch the videos: https://youtu.be/7g2BYXCVc3k and https://youtu.be/tWomN3qhSiM.

About OmniSOC

The OmniSOC is a cybersecurity operations center (SOC) currently shared among five universities that provides trusted, rapid, actionable cyber intelligence to its members. A subscription-based service, OmniSOC helps institutions minimize the time from when an institution learns of a cyber threat to when it responds to a threat. Hosted at Indiana University and founded by five institutions — Indiana University, Northwestern University, Purdue University, Rutgers University, and the University of Nebraska-Lincoln — OmniSOC helps members thwart threats through collaboration, threat detection, and data sharing. All participants become more secure, informed, and responsive to threats—be it from politically or socially motivated hackers (hacktivists), organized criminals or nation state threat actors—than they would be individually. 

Using real-time security information data feeds from each member campus, as well as governmental and corporate security subscriptions, the OmniSOC identifies suspicious and malicious activity requiring mitigation and provides rapid incident response through human analysis and machine learning. OmniSOC provides its members several key benefits in cyber threat response including greater sophistication, an opportunity to collaborate for faster responses, and a service highly tailored to respond to threats faced by institutions of higher education. 

Contact: Greg Kline, 765-494-8167, gkline@purdue.edu 

Source: Gerry McCartney, 765-496-2270, mccart@purdue.edu