Brisbane Catholic Education

MOQdigital helps Brisbane Catholic Education implement an Azure Sentinel Managed Service.

Brisbane Catholic Education (BCE) is a learning community of Catholic schools and the staff of the Brisbane Catholic Education Office. Brisbane Catholic Education’s primary goal is to provide quality teaching and learning outcomes for approximately 63,000 Prep to Year 12 students within more than 140 schools which are supported by BCE. BCE achieves this through the provision and support of IT, security, financial and ancillary services to the schools within the diocese, using Microsoft as a leading vendor of choice to meet these requirements.

As part of overarching security controls deployed within the environment, BCE conducts regular cybersecurity reviews of the environment to highlight risks and gaps in security capabilities. The purpose of these reviews is to ensure that the existing investment in Microsoft infrastructure is being used to the best of its abilities to mitigate these risks. This frequently includes enabling new features within their existing Office 365 and Azure investment.


Business Challenge

During a recent review it was noted that an increasing trend in the frequency and quantity of events relating to attacks on accounts and identities was overwhelming the BCE internal operation teams and was leaving them at a high risk of security compromise. This led to BCE’s decision that they needed to be more proactive in their security posture, and that they were lacking a Security Operations Centre (SOC) to investigate, respond to and action events within the environment.

To best leverage the collection of data and events from within BCE’s existing investment in Microsoft and Azure, along with adjacent security controls and services, they sought out a service that could help them monitor and respond to security alerts on a 24/7 basis across their environment.

Solution

BCE engaged MOQdigital to deliver on this project, citing their broad and deep knowledge and experience in the Cybersecurity sphere. MOQdigital’s capability to provide 24/7 coverage support, a wide breadth of managed service capabilities, and a long-standing partnership with BCE made them the obvious choice for this project.

After completing a discovery process and reviewing BCE’s cybersecurity needs, MOQdigital recommended and deployed Azure Sentinel as part of MOQdigital’s Sentinel Managed Service. The Sentinel solution would be integrated with BCE’s Azure environment and include the collection of log sources from outside the Microsoft and Azure environments to provide additional value and insight. With built-in AI and ML capabilities, and leveraging Microsoft’s significant investment in security, this solution would be managed, developed and enhanced by MOQdigital’s dedicated 24/7 SOC team, and include the following:

  • Security Incident Response – Responding to threats based on priority, investigating incidents using Sentinel’s advanced log correlation and visualisation tools, and producing post-incident reports for high profile security incidents.
  • Threat Hunting and Investigation – Actively seeking new or unknown suspicious activities, as well as patterns similar to recent events, leveraging Sentinel’s powerful entity explorer and guided hunting notebooks.
  • Enhance – Providing a continual cadence of review of BCE’s security capabilities and posture, ensuring that adequate protections and controls are put in place to stay ahead of the evolving security threat.
  • Security and Cost Management Report – Regular security incident reports based on the above inclusions, including a forecast on their Azure investment and recommendations.

Summary

In partnership with MOQdigital, BCE was able to successfully integrate Azure Sentinel into their environment, and together with the MOQdigital SOC, provide 24/7 mitigation of the risks associated with identity compromises and other potential cyberattacks on the BCE environment, its users, and data.

This reduced the time and cost of responding to threats, increased the accuracy of event information and reporting, and ultimately reduced the current and future risk of a successful attack on the BCE environment, including its data, applications and, most importantly, its users.

MOQdigital Expertise

Industry

  • Education

Solutions

  • Provide a solution which efficiently collates and surfaces security events
  • Reduce the risk of potential security compromises
  • Integrate efficiently with their current Microsoft environment as well as BCE’s other security solutions
  • Improve their ability to respond to security alerts and threats

Specialisation

  • Azure Sentinel
  • Microsoft Azure
  • Office 365
  • SOC
  • Networking
  • Data
  • AI/ML