R & D project

Security operations centre (SOC): defending UK education and research

As cyber threats become increasingly sophisticated, we are taking a proactive stance to help our members navigate the challenges of protecting their valuable digital assets.

Started

Expected outcome: New service

Institutions face the challenge of protecting digital assets against increasingly sophisticated cyber threats. The need for robust cybersecurity measures is more critical than ever. Our new security operations centre (SOC) will help our members to navigate these challenges. Our cybersecurity experts will detect, analyse and respond to security incidents in real time.

We are committed to staying ahead of threat actors and strengthening the cybersecurity of the UK’s institutions. Our SOC is built in collaboration with industry-leading partners. We aim to leverage cutting-edge technology to provide the most effective protection against emerging threats.

Key features

24/7 threat monitoring and response

Our sector-specific experts will offer continuous threat detection and response. We monitor your security infrastructure round the clock to quickly identify unusual activity.

Industry-leading technology

Our leading partnerships help us to react quickly and operate seamlessly. Our SOC will collect and analyse data from across your entire IT environment, including networks, devices, and critical information systems, providing a comprehensive security solution.

Enhanced threat intelligence

Only Jisc has oversight of the network providing connectivity, which offers us a unique advantage. We can gather data via live traffic analysis and other systems beyond what other commercial providers can traditionally observe. This gives us world-class threat intelligence opportunities, enabling us to better support our customers in mitigating potential threats.

Rapid incident response and containment

When a security incident is detected, our SOC team will act to contain the threat and minimise damage. We are the only provider who can ‘contain’ Janet connections during cyber incidents. Instead of physically disconnecting, we block inbound internet traffic. Our flexible containment options (full, partial, and scheduled) allow us to tailor the response to the specific situation. For example, partial containment ensures critical business, security, and recovery solutions continue functioning and significantly speeds up the recovery process.

Trusted partnership

We are your trusted sector partner. Our SOC will offer collaborative defence to share intelligence and enhance security across the education and research sector. We will provide you with enhanced control over your security systems, helping you stay one step ahead of cyber threats.

Streamlined alerts

To prevent overwhelming you with alerts, our SOC team will triage each one. We determine which threats are genuine and need your attention. This ensures that your time and resources are focused on the most critical issues.

Benefits of a managed SOC

Compliance assurance

Our SOC will help your organisation to meet regulatory requirements and follow data protection laws. We will apply security best practices and industry-standard frameworks.

Improved security posture

Our SOC's advanced technology, skilled personnel, and defined processes will help your institution to maintain a strong security posture against evolving threats.

Resource efficiency

When you opt for our managed SOC, we handle the day-to-day monitoring and incident response, freeing up your internal teams to focus on strategic initiatives. This approach is both cost-effective and efficient, allowing you to maximise your resources.

Timeline of the SOC Project

  • SOC PoC start: November 2023
  • SOC PoC expansion: May 2024
  • SOC live beta: November 2024
  • SOC full launch: March 2025

Stay informed about the latest developments in our SOC by subscribing to updates on the security operations centre. Together, we can defend as one.

Join our SOC beta programme

As the SOC transitions from proof of concept to beta, we invite you to take part in its development and delivery. Joining our beta programme gives you early access to innovations and collaboration with Jisc and other institutions, and will help to shape the final service. Participants will benefit from discounted EDR licensing, security assessments, and bespoke pricing for the full service once it goes live.

Register your interest for our upcoming security operations centre (SOC) service and be the first to hear key updates and information.

Contact your relationship manager for more information.

Requirements for participation:

  • Use or plan to implement a supported EDR, specifically Microsoft Defender or CrowdStrike Falcon
  • Complete a technical pre-onboarding questionnaire to assess readiness for service
  • Implement Jisc’s JNRS protective DNS service

Meet the project team

  • Steve Howard: Head of product – cyber, Jisc
  • Jess Francis: Head of product and portfolio, Jisc
  • Paul Knee: Head of protective services, Jisc
  • Simon Cooper: Security operations manager, Jisc