Don't underestimate the talent of students, says Jay James, director of Auburn University's Security Operations Center (SOC), who built the center in Auburn over the past decade. Part of the center's mission is to hire students to help with cybersecurity as a way to strengthen the effectiveness of the SOC, but also to give students hands-on experience in the field.
Creating a SOC to respond to increasing attacks on schools and universities was one of the strategies that Microsoft highlighted in its recent cyber threat intelligence report Cyber signals.
Here are James' tips for putting students at the center of your institution's SOC.
Staffing Your Security Operations Center (SOC) with Students: Setting the Scope
As any cybersecurity professional knows, one of the big challenges of creating a SOC is resources. Before you even start, you need to think about how you're going to direct the limited resources you have, says James.
To do this, he advises really asking yourself why the center is being created. “Is it more for compliance reasons, where you have to make sure you have a SOC? Are you trying to scan for certain threats? Are you trying to protect certain types of data? he says. Once you've identified that “why,” you can prioritize resources.
The next step is to develop specific metrics for success, James says. He adds that if you're trying to sell the idea of a SOC at your institution, the student and educational component can be really attractive to various stakeholders.
Building student roles
For the student component, you must also create a program that is specific to students.
“So when you hire a student, they are in a program where they can receive extensive training in the basics of cybersecurity, how to be a SOC analyst, and how to really thrive in the work they will do in the SOC,” he says. James.
He adds that there is also a desire to develop specific student-focused employee training for new student hires. “It is going to be necessary to have a specialized training program for the students because they are catching up quite quickly and are also learning to work in a professional environment, something that many of the students have not had the opportunity to do. do,” he says.
Complementing the curriculum
The work students do in the SOC at Auburn is not directly related to their degrees or a graduation requirement, but James works with professors in relevant fields to learn what skills students have and how they can develop them while working in the SOC.
“We understand what they are learning in class and provide them with additional training,” he says. “It's a win-win situation. “We’re getting these very bright students who can support us and keep the campus safer, but they’re also gaining practical skills that would be much harder for them to gain if they weren’t in the program.”
Students also have the opportunity to work on projects of their choice, gaining valuable experience in the process. “While they are doing their daily triage of security alerts and incidents, we give them the opportunity to focus on a project that would help support us, but is also a great tool for building their resume,” says James. .
Student Recruitment for SOC
When you start working with students in a SOC, James says you may have to spend more time recruiting, as was the case in his experience. He advises connecting with the departments where cybersecurity classes are taught at your university for help with hiring.
Communicating with student organizations can also be effective.
“If there is a hacker club or if there are women in business or minorities in business and/or women in technology, or minorities in the technology club, all of those types of organizations have students that can be taken advantage of” , says. “Once it's established and students start experiencing the benefits of SOC, they start selling it for you.”
