Re: Security Operations Center Management

["King, Ronald A." <raking () NSU EDU>]

We are in the process of refreshing the technology in the SOC. We will be manning it with grad students from our 
cybersecurity program. No outsourcing whatsoever.

Ronald King
Director of OIT Security

With Office 365, you can report a message as phishing or junk. Using Outlook in a web browser or the mobile Outlook 
app, start by clicking/tapping "Junk/Report Junk!"

Office of Information Technology
(757) 823-2916 (Office)
raking () nsu edu<mailto:raking () nsu edu>
www.nsu.edu<http://www.nsu.edu/>
@NSUCISO (Twitter)
[NSU_logo_horiz_tag_4c - Smaller]

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Koppel, Lorna
Sent: Tuesday, February 2, 2021 6:22 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security Operations Center Management

CAUTION:  This email originated from OUTSIDE of the organization. Do not click links or open attachments unless you 
recognize the sender and know the content is safe!
Our answer:


  1.  Does your organization have a formal Security Operations Center? Yes

     *   Is it fully staffed with internal resources? Yes - 2 FTE with access to the rest of the Office of Infosec (5 
additional people) as needed.  We augment with students/interns as we can - usually 1-2 part-time people.  Do not run 
24x7 but do have a 24x7 IT Service Desk that can escalate to us 24x7.
     *   Is it fully outsourced? no
     *   Is it co-managed with a service provider? no

Good Luck!

Lorna L. Koppel
Director of Information Security
Office of Information Security (OIS)
Tufts University
169 Holland 
Street<https://outlook.office.com/mail/deeplink/compose/AAMkADMwMDljOTgzLWE4ZDItNDE3YS05MGVlLTllZmRjNjU1OGI0MQBGAAAAAADcDQBefXDTQL6Rle4B4f5rBwDYXT5XZThPQK6AlMmSrZQmAAAAea7OAAAPz2fB03mORptgvBpr7W1SAAAI%2B34CAAA%3D?version=2019123003.04&popoutv2=1>
Somerville, MA 
02144<https://outlook.office.com/mail/deeplink/compose/AAMkADMwMDljOTgzLWE4ZDItNDE3YS05MGVlLTllZmRjNjU1OGI0MQBGAAAAAADcDQBefXDTQL6Rle4B4f5rBwDYXT5XZThPQK6AlMmSrZQmAAAAea7OAAAPz2fB03mORptgvBpr7W1SAAAI%2B34CAAA%3D?version=2019123003.04&popoutv2=1>
Phone: 617.627.0885
Email: lorna.koppel () tufts edu<mailto:lorna.koppel () tufts edu>

Information Security is Everyone's Responsibility! Learn 
more<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fit.tufts.edu%2fncsam&c=E,1,XVti2HpENxehdnHmgvLEcISzDN-E7n_SvDVPVABMqEIjWYATErmL9hzXIvnzpdwEey8Fg93ikggdo23_eORNtAxkETw_wFopP7r32tt4X9FOE4BoFf5HsXI,&typo=1>.
-----------------------------------------------------------------------------------------------
TTS will NEVER ask for passwords or other personal information via email.
-----------------------------------------------------------------------------------------------
For IT support, contact the TTS Service Desk at 617-627-3376 or it () tufts edu<mailto:it () tufts edu>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Carlton, Cynthia
Sent: Monday, January 25, 2021 5:37 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Security Operations Center Management

Good afternoon

I'm working on doing a quick benchmarking survey on behalf of our CISO regarding SOC's. I did find a previous posting 
regarding an annual SOC survey and am reviewing that dataset and report. However, we would like to try and benchmark as 
many Higher Ed and Academic Medical Centers as possible.  I will be happy to share the results of what I collect if 
there is expressed interest. Please feel free to respond to me directly  - Cynthia.carlton () rochester 
edu<mailto:Cynthia.carlton () rochester edu>. Thank you in advance for your feedback!


  1.  Does your organization have a formal Security Operations Center?

     *   Is it fully staffed with internal resources?
     *   Is it fully outsourced?
     *   Is it co-managed with a service provider?

  1.  If you do not have a Security Operations Center is it on your roadmap

     *   Are you planning to fully staffed with internal resources?
     *   Are you planning to fully outsourced?
     *   Are you planning to co-managed with a service provider?

The specific data we have been asked to report on was -  how many other Academic Medical Centers and Universities have 
deployed a SOC and are they are doing it all in house or do they outsource some or all of it?


Cynthia Carlton
Information Architect
University of Rochester
Desk:   585-275-1068
Email:  cynthia.carlton () rochester edu<mailto:cynthia.carlton () rochester edu>


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community