Employers want applicants with experience, even for entry-level cybersecurity roles. Universities traditionally help students gain cybersecurity experience by hiring them for on-campus jobs or by matching job seekers to employers for off-campus work. A third option is described in this paper in which universities bring external companies on campus. Recently, our institution partnered with Novacoast to open a security operations center on campus that employed university students as analysts. Novacoast develops NovaSOC—a security information and event management platform that captures and analyzes information gathered from server and client devices. Interns in our campus security operations center used NovaSOC to monitor security events for Novacoast customers who chose to outsource monitoring to Novacoast. While the security operations center has been a success, establishing it required that the institution address technical issues such as network connectivity and organizational changes like requiring background checks for student employees. Students reported that they would choose to work in the security operations center again but were generally underworked. Administrators reported that the security operations center was aligned with the university’s mission but felt that few people at the university truly understood the work conducted in the security operations center. Institutions looking to bring external entities on campus for similar partnerships should engage risk management early, ensure that student staffing matches the expected workload, and develop plans for financial sustainability. This paper delves into the details of bringing a security operations center onto our campus and gives actionable advice for institutions seeking to establish similar partnerships.
"SOC It to ‘Em: Bringing a Security Operations Center onto a University Campus,"
Journal of Information Systems Education: Vol. 33
Available at: https://aisel.aisnet.org/jise/vol33/iss3/8
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.