Phishing for a more transparent solution
Recchia explains that in the past the ISC department’s systems and responses to security threats lacked transparency, both within the department and across the university. Since implementing Splunk Cloud as part of its technology transformation, the department is not only promoting efficiency but also providing full transparency into its processes.
Prior to adopting Splunk Cloud, the manual process of investigating a phishing email would span from hours to days. Now, the Splunk platform enables the department to generate a list of all who need to be contacted, enabling investigations to take place within minutes. This new process has given all parties involved access to the steps taken within the investigation.
“The top benefit of using Splunk Cloud is that it provides a system that promotes transparency and engagement,” Recchia says. “The platform has really opened the eyes of our peers and colleagues to the positive impact of a SIEM solution.”
Additionally, with the use of Splunk Cloud to automate processes, the department has assured that USF remains PCI-compliant. For example, alerts have been helpful both in informing employees to change their passwords at a set pattern, and in providing reminders to update their antivirus software.
“The value Splunk adds is tremendous,” concludes Recchia.“And it’s fun. When you can do something that’s fun and you strive to make your career fun, and we can map out professional development and then demonstrate value to the organization, overall, it is an amazing and rewarding investment.”