LSU Solves Cybersecurity Challenges with a Replicable Model Powered by TekStream and AWS

Higher education institutions are under continual attack from cybercriminals, according to Craig Woolley, chief information officer at Louisiana State University (LSU). The university must protect the sensitive data of its students, staff, and research groups across an increasingly complex technology infrastructure.

But budget constraints and an industry-wide shortage of cybersecurity professionals made it difficult to protect LSU fully. “We needed to take our protection to the next level and knew we couldn’t do it ourselves,” says Woolley. “We looked for a partner that would think outside the box and help us find a solution that would work at LSU but also across the entire Louisiana university system.”

LSU worked with TekStream Solutions—an AWS Partner and expert in cloud-based cybersecurity—to create a robust security operations center (SOC) that gives the university 24/7/365 protection with best-in-class technology and a cost-effective model. The solution features TekStream’s managed detection and response (MDR) service that automatically monitors networks and devices for malicious activity and responds quickly to mitigate threats, reducing the time from risk detection to remediation while also lowering the number of incidents that require human intervention.

To analyze large amounts of data and provide insights into security, the solution uses Splunk’s security information and event management (SIEM) and its security orchestration, automation, and response (SOAR) software deployed on Amazon Web Services (AWS).

To reduce costs and help develop the next generation of cybersecurity professionals, TekStream trains LSU students to work in the SOC through a public-private partnership. Woolley notes, “One of our five main pillars at LSU is that we are committed to being a leader in cybersecurity education. As we improved our security posture, we wanted to do so in a way that would introduce our students to this process.”

Students gain real-world training and hands-on experience with threat detection, assessment, and remediation, augmenting classroom learning and giving them a head start on a career in cybersecurity. They also benefit from playbooks that TekStream develops to promote the use of best practices and consistency in execution.

TekStream’s chief executive officer Rob Jansen adds, “LSU is a pioneer in cybersecurity education. Combining classroom education with this hands-on experience means students will graduate with skills that are immediately applicable and needed in the workforce. This approach also helps fill the estimated 400,000 open jobs in the cybersecurity space.”

To ensure that this innovative solution would meet LSU’s high standards for performance and flexibility while being able to scale rapidly, TekStream leveraged AWS infrastructure. TekStream was able to stand up this new model at LSU in three months with plans to onboard 31 additional universities across Louisiana during the next 18 months. “The scalability and elasticity of the AWS platform mean that we can onboard other schools in a matter of months,” says Jansen.

The solution leverages Amazon Elastic Compute Cloud (Amazon EC2) for secure and resizable compute capacity that can be dynamically provisioned to meet the fluctuating needs of LSU and other universities. Amazon Simple Storage Service (Amazon S3) delivers scalable storage resources to achieve industry-leading data durability cost-efficiently. Amazon CloudWatch monitors applications, responds to performance changes, and provides insights into operational health, helping TekStream optimize the system. “With Amazon CloudWatch, we can proactively measure potential bottlenecks to right size the compute instances for optimal performance and cost. It also enables us to get ahead of any potential operational problems and maximize uptime,” says Jansen.

This effective solution has already made a significant difference at LSU, reducing the number of cybersecurity incidents requiring intervention from a security analyst by 50 percent.

This new cyber protection model can scale quickly from LSU to the 31 other universities on the Louisiana Optical Network Infrastructure (LONI), a high-speed, fiber optic network that connects the state’s university system. “A solution like this would be cost prohibitive for many schools to build and manage on their own. We’ve created an affordable, expandable solution that achieves massive economies of scale by sharing resources,” says Woolley.

Universities across Louisiana can choose to stand up their own physical SOC run by their students or have LSU extend its SOC services to their campuses. All connected schools will share threat intelligence and be able to coordinate threat detection and response, improving the security posture of the entire LONI ecosystem.

Jansen concludes, “This is an incredible example of how universities can address the shortage of cybersecurity talent in the US. It can serve as a blueprint for how public and private entities can leverage a strategic MDR approach with TekStream and AWS to enhance cybersecurity cost-effectively.”