Our client, a prestigious university in the U.S. with a complex network and large user base, encountered several challenges such as:
Our customer required a solution to enhance threat detection capabilities, enabling swift identification of and response to phishing attempts and preventing account compromises while minimizing the need for additional infrastructure investment. The university also wanted to streamline the process of dealing with compromised accounts and automate remediation efforts to free up valuable IT staff time and resources. Recognizing the limitations of their internal team, the university wanted access to experienced cybersecurity professionals.
KGiSL implemented a cloud-based Security Operations Center-as-a-service (SOC) model that could readily handle the university’s needs without requiring additional infrastructure investment. This strategic decision enabled the university to leverage KGISL’s robust cybersecurity platform, delivering enhanced threat detection and response capabilities.
Formed a Cybersecurity Incident Response Team (CSIRT) responsible for leading or managing incident responses, adhering to the NIST framework
Designed and implemented an intuitive incident management dashboard to provide real-time visibility and insights into event-related data
Deployed a system that automatically generates incidents upon detection of real threats. These incidents are swiftly assigned to specific analysts or groups to ensure timely and targeted response actions.
Incidents within the Case Manager are enriched with all essential information. This comprehensive data enables the SOC team to immediately initiate collaborative and transparent actions.
Reduced time to remediate phishing attacks and account compromises
Avoided duplication of incidents assigned through the ticketing system
Enhanced overall cybersecurity posture
Minimized impact of phishing attacks
Enhanced network visibility to identify suspicious activity
Regular reports with clear recommendations to strengthen security posture
Access to KGISL’s team of security professionals for ongoing threat mitigation