The University of Queensland secures world-class research through proactive partnership

SUMMARY

Frequently ranked in the top 50 global universities, The University of Queensland (UQ) is renowned for conducting cutting-edge biomedical research while maintaining a strong commitment to teaching and community engagement. Home to 7,500 staff and 57,000 students, including a 30% international population, the university must balance enabling global collaboration with protecting intellectual property and ensuring the cyber safety of a diverse population.

Before partnering with Palo Alto Networks® Unit 42, UQ’s cybersecurity team recognized the need for expert guidance to navigate an increasingly sophisticated threat landscape. Dr. David Stockdale, UQ’s CISO and Director for Cybersecurity, sought more than just technology solutions. He needed a true partner with native integration and a best-in-class platform approach that could provide proactive assessments, strategic consulting, and deep expertise to elevate the university’s security maturity.

RESULTS

  • 3,779: Identified issues, down from 15,178
  • 16,059: External assets discovered and protected, up from 14,006
  • 75%: Attack Surface Security rating, up from 55%

CHALLENGES

Protecting research and community in a dispersed environment

A series of interconnected cybersecurity challenges threatened the university’s operational continuity and research mission:

  • Fragmented security infrastructure: Multiple point products from different vendors created operational complexity and visibility gaps across the environment.
  • Evolving threat landscape: The team struggled to keep pace with increasingly sophisticated threats targeting research institutions and their valuable intellectual property.
  • High-stakes impact: Potential security incidents could result in compromised student data, loss of valuable research, and significant reputational damage.

SOLUTIONS

Expert-driven security transformation

After years of managing vendor relationships that felt transactional, UQ found an organization willing to truly understand the university’s unique challenges and work together to solve problems. At the heart of this partnership sits Unit 42, the elite threat intelligence and security consulting team from Palo Alto Networks. Stockdale, who admired Unit 42’s threat intelligence mission long before it became a consultancy, has seen its growth into an essential partner whose proactive guidance and strategic expertise now drive UQ’s security transformation. Engaging these services from a reputable third party enhances cyber resilience while helping Stockdale educate leadership and the board of directors.



Where expertise meets action

UQ’s Unit 42 Retainer gives the university access to world-class cybersecurity expertise across multiple areas, ranging from digital forensics and incident response to strategic proactive services like SOC assessments and purple team exercises. Given that UQ has yet to suffer a major security incident, it has directed retainer credits toward proactive services that have delivered measurable improvements in security posture and team capabilities. Those include:

  • Attack Surface Assessment

    By leveraging Cortex Xpanse®, the Unit 42 team discovered over 2,000 external-facing assets that UQ hadn’t been aware of, thereby helping protect them from threats. Rather than overwhelm the team with an exhaustive list of findings, Unit 42 helped UQ understand which issues posed genuine risk and required immediate attention, enabling efficient resource allocation and rapid risk reduction. This proactive approach yielded substantial results: In its second year performing the assessment, UQ saw a 4x decrease in threats.

  • Purple Team Exercises

    Combining red team offensive tactics with blue team defense, this exercise exposed critical gaps that the UQ team hadn’t had the time or capacity to uncover. What distinguished this engagement from traditional audits was the live-fire coaching and knowledge transfer. Above and beyond receiving findings to remediate, the team gained hands-on experience that built lasting capabilities.

  • SOC Assessment

    The SOC Assessment delivers an actionable framework to transform the UQ SOC, directly feeding into the university’s three-year cybersecurity strategy and agile action plan. By addressing existing priorities while identifying new initiatives to pursue, the framework ensures the university’s security operations evolve in lockstep with the shifting threat landscape. This assessment also benefited from a unique advantage: The Unit 42 consultant is a former UQ student who combines expertise with a firsthand understanding of the university’s culture.

“There are a lot of vendors out there who tell you that their solution will fix your problem. Our relationship with Palo Alto Networks is a partnership model. They help us understand our environment, what their technology can do, and where it’s going. We plan based on those conversations.”

- Dr. David Stockdale

CISO and Director for Cybersecurity, The University of Queensland

Platform integration: Enhancing Unit 42 impact

UQ’s adoption of the Palo Alto Networks platform creates powerful synergies with Unit 42 services. The journey began in 2017 with hardware firewalls, when UQ was focused on assembling best-of-breed technologies. As Palo Alto Networks emerged as a pioneer of the platform concept and built out its product portfolio, UQ recognized distinct operational advantages in partnering with a single vendor. The native integration reduces operational complexity, saves valuable time, enables optimized feature use, and provides Unit 42 consultants with systemic visibility into UQ’s security posture.

Comprehensive endpoint protection

Cortex XDR provides UQ advanced protection for over 20,000 endpoints, with threat detection and response capabilities that integrate seamlessly with the broader security infrastructure. When Unit 42 identifies threats or provides guidance, the integrated platform enables rapid implementation of protective measures. This unified approach has dramatically improved the team’s efficiency, visibility, and speed in protecting against advanced threats.

“We have smaller incidents all the time, and Cortex XDR allows us to deal with those very, very quickly and effectively. If—rather, when—we have a bigger incident, it will be there to support us with instant response.”

- Dr. David Stockdale

CISO and Director for Cybersecurity, The University of Queensland

Elevated operational efficiency through automation

Cortex XSOAR has transformed daily operations at the UQ SOC, from enhancing intelligence-gathering to reducing analyst workload. Stockdale appreciates that if an incident is identified through XDR, XSOAR can directly enrich the information. Analysts who investigate 20 to 100 daily cases now have events fully contextualized with all necessary information, enabling them to dramatically speed up resolution. These time savings translate directly to cost savings and create capacity for strategic improvements. UQ has also been able to create custom automation playbooks for a wide range of scenarios, creating additional efficiencies.

Preparing to accelerate AI-driven defense

UQ is adopting Cortex XSIAM® to enhance analyst flexibility and deepen its use of AI and automation. This forward-looking approach reflects UQ’s recognition that AI is fundamentally reshaping cybersecurity. Stockdale notes that the university relies on Palo Alto Networks to identify emerging threats and integrate the necessary protections directly into its platforms. The ongoing partnership with Unit 42 ensures that UQ will stay one step ahead of threat actors by fighting AI with AI.

“We embrace Unit 42 with open arms because we have such a strong history and trust with them. I’m absolutely a massive fan.”

- Dr. David Stockdale

CISO and Director for Cybersecurity, The University of Queensland
