In today's digital age, the prevalence of cyber attacks has become a major concern for organizations across various industries, with higher education institutions particularly vulnerable. As the volume and complexity of cyber threats continue to escalate, there is a growing need for innovative solutions to bolster cybersecurity defenses.
One solution that has been gaining traction is the concept of the Student-Powered SOC, which leverages the skills and expertise of students to handle triage and Tier 1 incident response. This approach provides institutions with increased coverage and allows cybersecurity professionals to focus on more strategic initiatives while students address incoming alerts.
The need for Student-Powered SOCs is underscored by the alarming statistics revealed in the Checkpoint Software 2022 Mid-Year Security Report, which illustrates the education and research sector as the most targeted industry, with an average of 2,297 attacks per week, marking a 44% increase from the previous year.
Furthermore, the shortage of cybersecurity professionals has posed significant challenges for organizations worldwide, with a staggering 3.5 million unfilled cybersecurity jobs globally. This scarcity of talent has contributed to high turnover rates, particularly in the public and education sectors, where compensation packages often pale in comparison to those offered by private industries.
The implementation of Student-Powered SOCs not only addresses these pressing issues but also aligns with the mission of universities to prepare students for their future careers. By involving students in cybersecurity teams, educational institutions can provide valuable real-world experience to aspiring professionals while simultaneously reducing operational costs.
The benefits of incorporating students into SOC operations extend beyond addressing workforce challenges. Students gain invaluable exposure to complex IT infrastructures and emerging technologies, such as cloud-based services and security threat detection, all of which are instrumental in preparing them for careers in cybersecurity.
Several universities have embraced the Student-Powered SOC model, with programs designed to provide students with hands-on experience and practical training. For example, the "learning SOC" at California Polytechnic State University offers students the opportunity to work alongside full-time staff and gain proficiency in real-world tools like Splunk Enterprise Security.
Similarly, the University of Cincinnati has successfully integrated students into its SOC program, providing international students with the chance to acquire real-world experience in security operations while also earning internship credit.
"It will be a true real-world experience,” said Craig Woolley, CIO at LSU. Woolley added that “if students are unable to handle an incoming incident, TekStream will handle it. A team of students staff the SOC on Monday-Friday from 8 a.m. until 8 p.m., with a managed service provider covering the rest of the 24/7 support and escalation services during those times. LSU operates two student-powered SOCs at its Baton Rouge and Shreveport campuses. Eventually, the SOC capabilities will be scaled to support any institution across the state wishing to develop one. This program has expanded into the State of Louisiana agencies; they offer students who come out of this program state employee jobs with student loan forgiveness if they fulfill a two-year commitment.”
As the cybersecurity landscape evolves, the Student-Powered SOC presents a compelling solution to address the industry's growing challenges. By nurturing the next generation of cybersecurity professionals and empowering them to actively contribute to security operations, educational institutions are fortifying their defenses and preparing students for successful careers in this critical field.
Exciting things are in store as we look forward to seeing the amazing achievements that lie ahead for future generations. Explore how Splunk can empower public-sector agencies – visit our public sector page to learn more.
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.