Re: Security Operations Center Management

[Marcelo Lew <Marcelo.Lew () DU EDU>]

  1.  Does your organization have a formal Security Operations Center? Yes
     *   Is it fully staffed with internal resources? Yes (4 engineers)
     *   Is it fully outsourced? No
     *   Is it co-managed with a service provider? No, but we used Darktrace and Crowdstrike for critical activity 
notification that we might have missed.



Marcelo Lew  cissp-issap
University of Denver
Information Security Manager
303-871-6523



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Carlton, Cynthia
Sent: Monday, January 25, 2021 3:37 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [EXTERNAL] [SECURITY] Security Operations Center Management

CAUTION: Be careful with this message
This email came from outside of the University of Denver. Do not open attachments, click on links, or respond unless 
you expected this message and/or trust the email address: owner-security () LISTSERV EDUCAUSE EDU<mailto:owner-security 
() LISTSERV EDUCAUSE EDU>.

Good afternoon

I'm working on doing a quick benchmarking survey on behalf of our CISO regarding SOC's. I did find a previous posting 
regarding an annual SOC survey and am reviewing that dataset and report. However, we would like to try and benchmark as 
many Higher Ed and Academic Medical Centers as possible.  I will be happy to share the results of what I collect if 
there is expressed interest. Please feel free to respond to me directly  - Cynthia.carlton () rochester 
edu<mailto:Cynthia.carlton () rochester edu>. Thank you in advance for your feedback!


  1.  Does your organization have a formal Security Operations Center?
     *   Is it fully staffed with internal resources?
     *   Is it fully outsourced?
     *   Is it co-managed with a service provider?
  2.  If you do not have a Security Operations Center is it on your roadmap
     *   Are you planning to fully staffed with internal resources?
     *   Are you planning to fully outsourced?
     *   Are you planning to co-managed with a service provider?

The specific data we have been asked to report on was -  how many other Academic Medical Centers and Universities have 
deployed a SOC and are they are doing it all in house or do they outsource some or all of it?


Cynthia Carlton
Information Architect
University of Rochester
Desk:   585-275-1068
Email:  cynthia.carlton () rochester edu<mailto:cynthia.carlton () rochester edu>


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.com/v3/__https:/www.educause.edu/community__;!!NCZxaNi9jForCP_SxBKJCA!HS8CKb-WvwZOO0WCt0YPW99aioAXlolwM4HfimiHspVun6SwfwgI2NbjwTU-tzeR$>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community