Customer name: Brunel University London
Industry: Higher Education
Location: London, UK
Students: Over 14,000
● Building a top-notch security strategy from scratch with a tight budget.
● Defending highly targeted data against online criminals and nation states.
● Safeguarding vast amounts of information from phishing attacks, ransomware, data exfiltration, and more – with a system focused on usability and simplicity for their users.
● Cisco® Security Enterprise License Agreement (ELA):
● Next Generation Firewall, Next Generation Intrusion Prevention, Umbrella, Threat Grid, Stealthwatch Cloud, Cloudlock, Identity Services Engine, Threat Response, Cloud Email Security, Advanced Malware Protection
● Cisco Incident Response Services
● A unified security platform that resulted in a 70 percent efficiency gain by the university through improved threat detection and incident resolution, and reduced end user downtime.
● Increased protection of sought-after intellectual property, student data, research data, business commercial data.
● The ability to grow business and gain a competitive advantage across the university sector.
Background and Vision
Brunel University London is a research-intensive university in the UK. It was officially established more than 50 years ago as a technology university, but its history can be traced all the way back to 1798 through its predecessor colleges. Today, its student population of over 14,000 individuals is pursuing an education underpinned by technological innovation. Brunel, along with its partners, is also involved in critical research for solving global challenges. All of this is supported by over 2,000 staff members.
When Chief Information Security Officer Mick Jenkins joined Brunel several years ago, the organization’s security strategy did not match its high levels of ambition in areas such as world-class education and research. Due to the open nature of universities when it comes to widely sharing data and enabling seamless access to educational resources, security can sometimes be given less attention than is necessary. But with the increasing amount of confidential and proprietary data being created and held by Brunel, Jenkins knew this had to change.
From counterterrorism to cybersecurity
As a former intelligence and counterterrorism officer in the military, Jenkins was used to working with classified and protected data, and was intimately familiar with the need for strong security measures. According to Jenkins, “Universities have valuable information assets that can impact the nation because of our tremendous amounts of high-end research, intellectual property, patents, and personal data. We are a big target not just for organized crime, but for nation states as well.”
Jenkins’ current role as a CISO reminds him greatly of his time in the military, and the grave importance of intelligence and understanding your adversaries’ behavior in order to effectively defend against them and protect vital information. Upon joining the university, Jenkins went to work establishing a realistic, yet strong 5-year security plan for Brunel. “Despite possessing lots of personal and proprietary data, we are not a bank or insurance provider,” said Jenkins. “Thus, I had to carefully balance risk with investment.”
The main focus of Jenkins’ plan was intelligence collection to observe the security landscape and evaluate threats. Instead of trying to cobble together a solution from a multitude of vendors, Jenkins felt that the best approach would be to work with two or three strategic partners to build a unified cybersecurity platform that could holistically monitor, detect, and mitigate threats. “Working with just two or three companies is better than having 15 or 16 vendors all with different products,” said Jenkins.
Building a unified security platform
Brunel is now roughly halfway through its 5-year plan, and Cisco has played a critical role in helping to design an integrated security platform that provides situational awareness, data protection, and a return on investment. According to Jenkins, “The streamlined platform approach has been quite easy for our security analysts to work with, and we’ve already seen evidence of shortened threat detection times. Once we see a threat, we’re now able to interject and contain it much quicker.”
The university’s security platform includes a wide range of Cisco® technologies and services – from firewalls and network security, to endpoint, cloud, and email security, to incident response. All of these capabilities work together to provide greater intelligence, automation, and stronger defense. The platform has resulted in a 70 percent efficiency gain by the university through improved threat detection and incident resolution, and reduced end user downtime.
The Brunel security team has been able to demonstrate a considerable reduction in business risk since the start of its 5-year plan. Brunel’s security team is now viewed across the organization as a group of problem solvers versus policemen. “When you act as one unified team with strong leadership and excellent collaboration, you can stand at ease knowing that you’re the best line of defense,” said Jenkins. “None of this would have been possible without a clear vision, ambitious goals, powerful and engaging thought leadership, and a strong partnership with Cisco.”
Winning with security
Beyond just enabling the business, Brunel’s security platform has also allowed the school to win business when it comes to its research endeavors. “When looking to partner for research projects, the consortiums and commercial organizations we work with want a university that takes data protection and information security seriously,” said Jenkins. “Our efforts in cybersecurity have therefore enabled us to be awarded research projects over some of our competitors because our partners trust us with their information.”
When asked why Cisco was chosen over other vendors to support the university on this journey, Jenkins discussed Cisco’s unique ability to provide in-depth intelligence surrounding potential attack vectors, which enables his security analysts to stay ahead of future threats. He talked not only about the technology that Cisco offers to collect and analyze intelligence, but also the people behind the products – the forensic, intelligence, and incident response teams that enrich the platform. “Watching and observing Cisco engineers, you can see they are on top of their game,” said Jenkins, “and that for a customer gives us great assurance.”
“Working with just two or three companies is better than having 15 or 16 vendors all with different products.”
- Mick Jenkins- CISO, Brunel University London
“The Cisco platform has allowed us to get one view of what’s going on inside the organization,” added Simon Furber, network and infrastructure architect for Brunel. “It makes our job easier, and enables us to share information with other teams and with management so they also gain visibility into what’s happening. Our level of security management and control, and our ability to improve our risk posture, have gone up greatly since working with Cisco.”
Now that Brunel has built its unified security platform, it plans to extend its capabilities with data loss prevention, segmentation, and zero-trust security measures. “Future proofing using a platform approach allows you to add on new capabilities as they’re developed and as threats happen,” said Jenkins. “A cross-architectural platform is quite simply what customers want, and there are not many others besides Cisco who are providing that approach.”
“Our level of security management and control, and our ability to improve our risk posture, have gone up greatly since working with Cisco.”
- Simon Furber- Network and Infrastructure Architect, Brunel University London
For more information
For more information on the Cisco Security portfolio and platform approach to security, visit: cisco.com/uk/secure