Brisbane Catholic Education (BCE)

BCE Reduces Cybersecurity Risks with Azure Sentinel

The summary

Industry: Education

Country: Australia

Business Challenge

An increase in the number and frequency of cyber security events was overwhelming BCE’s internal operations team and leaving the school network at a high risk of security compromise.

Solution:

BCE deployed Azure Sentinel, a solution that integrated easily with their existing Azure environment and maximised their existing Microsoft investments.

Results

The successful integration of Sentinel has enhanced BCE’s security capabilities, reduced the time and cost involved in responding to threats, and ultimately reduced the risk of a successful cyber-attack.

“Our cybersecurity capabilities have been greatly enhanced. We are now able to respond quickly to security alerts and keep our environment secure”

Jeff Peters, Manager, Information Systems, Brisbane Catholic Education

The Situation

Brisbane Catholic Education (BCE) is a learning community of all involved in diocesan Catholic schools and the staff of the Brisbane Catholic Education Office. With over 140 schools, Brisbane Catholic Education provides quality teaching and learning outcomes for Prep to Year 12 students.

As part of overarching security controls deployed within their IT environment, Brisbane Catholic Education conducts regular cybersecurity reviews to highlight risks and gaps in security capabilities. These reviews are designed to ensure that BCE’s existing investment in Microsoft infrastructure is being used as effectively as possible to mitigate these risks. The reviews often result in new features being enabled, to enhance BCE’s existing Microsoft 365 and Azure investments.

The Challenge

During one of these reviews, it was noted that an increase in the frequency and volume of events related to attacks on accounts and identities was overwhelming the BCE internal operations team and leaving them at a high risk of security compromise.

To bolster their security posture and address the situation proactively, BCE identified the need for a dedicated Security Operations Centre (SOC) to investigate, respond to, and mitigate events within their environment.

With a desire to make the most of their existing investments in Microsoft and Azure, as well as adjacent security controls and services, BCE wanted a solution that could monitor and respond to security alerts on a 24/7 basis across their environment.

The Solution

During a discovery process in which the Cybersecurity Team at MOQdigital (a Brennan company) thoroughly reviewed BCE’s cybersecurity needs, the team recommended deploying Azure Sentinel as part of their Sentinel Managed Service.

The solution would integrate with BCE’s Azure Environment and include the collection of log sources from outside the Microsoft and Azure environments, providing additional value and insight.

With built-in AI and Machine Learning capabilities, and leveraging Microsoft’s significant investment in security, this solution would be managed, developed, and enhanced by a dedicated 24/7 SOC team, and include the following:

  • Security Incident Response – Responding to threats based on priority, investigating incidents using Sentinel’s advanced log correlation and visualisation tools, and producing post-incident reports for high profile security incidents.
  • Threat Hunting – Actively seeking new or unknown suspicious activities, as well as patterns similar to recent events, leveraging Sentinel’s powerful entity explorer and guided hunting notebooks.
  • Enhance – Provide a continual cadence on the review and posture of the security capabilities of BCE, ensuring that adequate protections and controls are put in place to stay ahead of evolving threats.
  • Security and Cost Management Report – Regular security incident reports, including a forecast on their Azure investment and recommendations.

The Result

Brisbane Catholic Education was able to successfully integrate Azure Sentinel into their environment, and together with the SOC team, provide 24/7 mitigation of the risks associated with identity compromises and other potential cyberattacks on the BCE environment.

“Our cybersecurity capabilities have been greatly enhanced,” says Jeff Peters, BCE’s Manager, Information Systems. “We are now able to respond quickly to security alerts and keep our environment secure.”

Following the adoption of Azure Sentinel, BCE has not only reduced the time and cost involved in responding to threats, but also increased the accuracy of event information and reporting – ultimately reducing the risk of a successful attack on BCE’s data, applications and, most importantly, its users.
