Provide the background of this request.What events or discussions preceded this request? Have there been previous efforts related to this request? Are you working with a vendor already? What are the benefits of this initiative?
Mines primary objective for this project is to implement a 24 hour, 7 days a week cybersecurity Monitoring, Detection, and Response (“MDR”) service. This service, provided by Arctic Wolf (AW), will be working in conjunction with the Mines Security Operations Center (SOC) and Security teams to protect the Mines campus from cyber threats. Arctic Wolf will focus on monitoring and detecting threats present in the Mines environment and alert the Mines SOC or Security teams of any validated security incidents.
Today, cybersecurity monitoring is performed by the SOC which is primarily staffed by students. Depending on SOC scheduling there are daily periods where there is no cybersecurity monitoring. With the new MDR solution, monitoring will become more complete, automated and will be 24x7x365.
By detecting malicious events before harm can be done, Mines can avoid the risks associated with a significant, preventable cybersecurity event. An effective MDR solution is critical to combat the ever-increasing specter of cybersecurity threats. Institutes of higher education are no exception.
-In 2019, a vulnerable web application at Georgia Institute of Technology exposed the personally identifiable data of 1.3M students, applicants, and staff, both past and current. The university had a different breach later in the year when a staff member accidentally sent student data to 1,100 other students.
-In 2020 University of California San Francisco (UCSF) fell victim to a ransomware attack spending $1.1M to recover crucial COVID-19 research data at the height of the pandemic.
-In 2020 University of Utah fell victim to a ransomware attack spending $0.5M to recover personally identifiable employee data and passwords.
Avoidance of these types of scenarios are the motivating factor for enhancing Colorado School of Mines’ IT security posture. By providing round-the-clock monitoring via Artic Wolf, ITS will protect the Mines IT environment in real time and take that data to routinely enhance our security posture.