Organization: Waukesha County Technical College
|Total student enrollment
|Programs and certificates
Log Sources: 17 with 420+ individual sources from: ExtremeXOS, Palo Alto Firewall, Microsoft Exchange 2016, Office 365 Management and Message Tracking, IIS, Apache Tomcat, MySQL, and Oracle WebLogic
- Reduced number of phishing and spam emails
- Illuminated gaps in the college’s network security
- Set up real-time alarm notifications
- Provided instruction to fix vulnerabilities
In an age where cyber attacks abound, many colleges and universities find themselves inadequately prepared to deal with the ever increasing threat vectors. One of the most common challenges faced in the higher education industry is a lack of cybersecurity training. Waukesha County Technical College (WCTC), a public university located in Wisconsin, found itself in a similar situation. WCTC had a decent-sized IT staff of nearly 20 employees, but it (like many other institutions) lacked the necessary focus and training in cybersecurity. WCTC had existing security practices in place, like firewalls, but they knew they lacked the overall knowledge needed to properly protect the university’s network.
In addition, many of the college’s students and staff were receiving phishing emails and spam through their Office 365 system. To make matters worse, recipients were clicking on the malicious links. “Some of our students were starting to lose $2,500 to $3,500 from these scams,” said Rodney Nobles, CIO of Waukesha County Technical College. “This problem cascaded until it even began to affect our Exchange Server.”
WCTC knew it needed help, but hiring an entire internal security team was not a practical solution. Like many other colleges, WCTC had a limited budget and knew it needed to spend its resources wisely. The college could go through the process of onboarding additional staff members and pay the generally high salary range for these employees, or it could funnel its resources into a more cost-effective solution like a third-party vendor.
“I thought bringing in someone that already had an established security relationship would benefit the college more than trying to put together an entire security team,” said Nobles. With this knowledge in hand, the college began its search for a partner.
In 2019, WCTC began its search for cybersecurity help by researching online, vetting out vendors and attending conferences. Later that year, WCTC met BitLyft at a higher education industry leadership conference and was impressed with the team’s experience and fresh approach to delivering a custom solution.
“We felt very comfortable with BitLyft,” said Nobles. “They didn’t just want to come in and be a vendor to make money. They actually wanted to listen to and understand our goals and not just tell us all of their services.”
BitLyft began its work at WCTC by first implementing a Security Incident and Event Management (SIEM) system. Installation of the SIEM allowed the college to capture every network log which illuminated what was happening on their network at any given time. Next, BitLyft helped set up real-time alarm notifications to notify the university of potential threats. BitLyft’s SOC team continues to work in tandem with the college to monitor, address, report and collaborate about upcoming projects and impending issues. BitLyft hosts weekly meetings with WCTC to discuss challenges, investigate notifications or remediate threats.
“Our staff continues to learn with BitLyft,” said Nobles. “We have great synergy working together.”
- Reduced the number of phishing and spam emails by installing a SIEM system.
- Worked with WCTC SOC team to illuminate and fill gaps in the college’s network security.
- Provided WCTC instruction and education of how to fix and prevent vulnerabilities.
The partnership between BitLyft and WCTC has significantly reduced the number of phishing and spam emails that users are exposed to. BitLyft also illuminated the gaps in the college’s network security and provided instruction on how to fix those vulnerabilities. BitLyft continues to collaborate with WCTC and provides ongoing support and additional resources to make their network more secure. “Our goal was to make our environment more secure in any way,” said Nobles. “With BitLyft on board, my staff is now more cybersecurity aware—and I feel better too. I now have go-to security people that can help when issues come up.” As the partnership progresses, BitLyft continues to monitor and implement proactive measures to immunize the college’s network from future threats. “It’s a great partnership,” said Nobles. “I feel like BitLyft is part of my staff and we are working together in our cybersecurity efforts.”