Coleg Cambria chooses LogRhythm’s NextGen SIEM Platform to centralise security operations
Further education provider Coleg Cambria decided it needed a single, end-to-end cyber security tool that would centralise and automate workflows, and accelerate threat qualification, investigation and response.
Following a review of the products on the market, Coleg Cambria selected LogRhythm’s NextGen SIEM Platform.
Formed in 2013 and located on the border of North East Wales, Coleg Cambria has
approximately 7,000 full time students, 20,000 part-time students and a number
of international links. Across its five sites, the college offers a vast array of
courses, including A levels, GCSEs, BTECs, Welsh for Adults and Higher Education.
In 2018, the college decided it needed to invest in a tool that centralised its
security operations and provided greater visibility into potential threats.
Coleg Cambria’s network infrastructure is extensive, complex and accessed by
thousands of users on a daily basis. Problems arose when the college realised
the threat detection tool they were relying on was becoming increasingly slow,
clunky and involved a lot of manual investigation, which was ultimately putting
too much strain on the IT department.
“Like many further education institutions, we are faced with managing threats
– both external and internal – and we knew that in order to do this effectively we
needed a platform that would remove time pressures and give us greater visibility
into the network.” said Robert Green, security analyst at Coleg Cambria.
After reviewing the market, Coleg Cambria decided LogRhythm’s NextGen
SIEM Platform was best suited to its need. It was chosen for its out-of-the-box
functionality and advanced analytic capabilities.
“The visibility and insight we now have with LogRhythm is unrivalled.” continued
Green. “Our IT team is now able to see exactly what’s happening across our
network in real-time, which is helping us stay one step ahead of potential threats.
For example, it’s already flagged malicious malware that one of our students
uploaded onto one of our labs, enabling us to neutralise the threat immediately.
We would never have known about this when using our previous tool.”
“The benefits of this platform also go beyond threat detection. The platform
has identified potentially dangerous holes in our existing security tools
and processes. An internal authentication server received a login request
originating from outside the network – something that shouldn’t have been
possible – which alerted us to the fact that there was a problem with our
firewall configuration. Furthermore, we realised that when staff left the
college, their accounts weren’t being deactivated in a consistent manner in line
with our operating procedures. By highlighting this, LogRhythm has helped us
improve our security programme significantly.”
Green concluded: “In addition to the visibility it provides, what set LogRhythm
apart from its competitors was its out-of-the-box capabilities, which enabled us
to start using the platform effectively from the offset. We had peace of mind
that we were protected as soon as it was plugged in.”