Innovative Shared SOC Model for Statewide Higher-Ed Cyber Protection and Talent Development

Louisiana State University (LSU) needed to bolster its cyber defense posture but was challenged by the significant financial investment it would take.

As the flagship university in Louisiana’s higher education system, LSU has more resources than other, smaller colleges in the state to invest in cyber protection. However, it sought to leverage the Louisiana Optical Network Infrastructure (LONI), a high-speed fiber-optic network that connects the university system, to make premium cyber defense accessible to all of them.

Additionally, LSU prioritized a solution that would actively engage and serve its students. Recently recognized as a Center of Academic Excellence in Cyber Operations by the National Security Agency (NSA), LSU is developing talent that will address a significant security workforce gap, estimated today at more than 400,000 unfilled jobs in the U.S. alone.

It would take creative thinking to solve this challenge, and TekStream was up to the task.


Technologies Involved

TekStream

TekStream MDR

Splunk

Splunk Cloud
Splunk SIEM
Splunk SOAR

AWS Migration Services Competency

Amazon Elastic Compute Cloud
Amazon Simple Storage Service
Amazon CloudWatch

Splunk Elite Partner

Solution Objectives

Build a best-in-class MDR solution to streamline interactions with state agencies and accelerate response times.

Integrate meaningful opportunities for students to augment their cyber education with practical, real-world experience.

Incorporate scalability to extend cyber defense capabilities & benefits to smaller colleges & universities across Louisiana.

TekStream spearheaded a novel public-private partnership with Splunk and LSU to establish a co-managed, student-run Security Operations Center, or SOC, on LSU’s flagship campus in Baton Rouge. The SOC is based on TekStream’s MDR service that uses Splunk’s SIEM/SOAR software deployed on AWS.

This approach combines the best of both worlds: ad-hoc, extemporaneous threat hunting in the SIEM, and a guided, structured SOAR environment with pre-defined steps for particular threats, where TekStream-developed playbooks ensure consistency in execution.

LSU students from all disciplines will be recruited to work on the SOC with continuous support and training from TekStream through its MDR service. This allows LSU to defray costs associated with SOC operations and provides students with valuable experience and marketable skills upon graduation. Additionally, financial incentives in the unique agreement encourage all parties to excel at detecting and defending against cyber threats.

The program will expand across the state’s education system to protect 40 institutions of higher learning from cyberattacks through shared resources and threat intelligence. SIEM instances are separate and available directly to each school with a dedicated Splunk Cloud stack as the source for alerts and as a resource for individual school visibility to assess, triage and investigate alerts locally.

Training Tomorrow’s Cybersecurity Leaders

As part of this innovative model, TekStream experts will train LSU students to manage the LSU SOC using Splunk technology. Students will be trained at the same level as TekStream employees on cyberattacks, analysis, network defense, policy and escalation, and real-time response tactics to actual incidents, gaining valuable experience in professional roles that are in very high demand.

“TekStream’s unique and flexible pricing model incentivizes everyone in the mix – industry, universities, students – to get better at detecting and defending against cyber threats.”

– Craig Woolley, CIO Louisiana State University

Key Successes

  • TekStream stood up a top-tier, 24/7 co-managed, and student-run SOC within three months at LSU’s Baton Rouge and Shreveport campuses with an emphasis on a standardized procedure for onboarding and automated incident response in a multi-tenant SOAR environment.
  • The remaining 40 campuses are onboarded to the 24/7 co-managed, student-run SOC within 18 months.
  • TekStream and LSU are developing the next generation of cyber engineers. TekStream trains and works closely with students as their skills evolve to staff the SOC to a greater degree.
  • TekStream developed a unique and flexible pricing model to fit this bold cyber defense initiative. A university-wide agreement offers volume purchasing discounts and incentivizes students to hone their cyber protection skills.
  • TekStream created a highly collaborative and transparent ecosystem with the governance needed to satisfy state mandates and meet funding requirements.

Customer: LONI – Louisiana Optical Network Infrastructure

Industry: Higher Education, State University Infrastructure

Headquarters: Baton Rouge, LA

Annual Budget: $681 million
