Safeguard vast, sensitive data stores
The University of Bayreuth is an open, collaborative hub for learning and research. Thousands of students and staff connect to the network anytime, anywhere, to support learning and research. But, a growing threat of cyberattacks on universities meant Bayreuth’s vast, sensitive data stores were at increased risk. The university’s challenges included:
- Reducing the risk of data breach: Academia’s mission of openness and collaboration expands attack surface and heightens risk.
- Navigating the cybersecurity skills shortage: The competition for cybersecurity talent – particularly from the commercial sector – makes it harder for universities to attract and retain the security skills they need to safeguard their assets.
- Protecting a plethora of devices: A compromised device offers a foothold for network-wide infection.
"We’re a modern, open university with thousands of users and systems spread across faculties. Part of my role is to keep threat actors out so students, scientists, and staff can enjoy a secure, consistent learning environment. But this is no easy feat, particularly against a backdrop of a cyber skills shortage."
– Ralf Stöber
CISO, The University of Bayreuth
Emergency response and peace of mind
Looking to stay ahead of threat actors targeting its precious academic data, the university secured a Palo Alto Networks Unit 42 Retainer to enable the team to quickly contain, investigate, and respond to suspected attacks.
Ralf comments, “The interplay of technical infrastructure security, first-responder training, highly qualified analysis, and highly effective countermeasures makes Unit 42 an excellent security partner.”
-
Delivers rapid, expert incident response
Unit 42 was recently tested when malware indicators were detected in the university’s environment during the start of the academic year: a hectic period when students and staff are almost all online. Undetected, such malware could have spread laterally, infiltrating the system and putting student and faculty data at risk.
Unit 42 quickly analysed the incident and provided an in-depth post-attack analysis, explaining the size and severity of the incident. This helped the university’s security team strengthen its defences against future threats.
“This would have taken us a month to analyse, or we would need up to five more people in-house for an APT retainer team. It’s difficult to recruit the skills, but thankfully, Unit 42 takes care of all of that,” says Ralf.
-
Supports continuous improvement
Unit 42 works alongside the university’s security team, providing expert guidance on strengthening the cybersecurity infrastructure – especially some of the legacy systems. The security team has also benefited from Unit 42’s proactive services, such as first responder training, which educated IT service centre staff on how to efficiently and quickly handle an incident in partnership with Unit 42.
Ralf concludes, “Unit 42 feels like an extension of the university. They understand our goals, our challenges, and our environment.”