In 2023, Oregon State University (OSU) was at the forefront of innovation, securing more than $480 million in competitive research grants. However, the spring of 2021 brought a harsh realization: even the most prestigious institutions are not immune to cyber threats. A severe security breach underscored the urgent need for robust defenses to protect critical research and personal data.
The incident exposed vulnerabilities that could no longer be ignored. “It was a wakeup call for all of us here at Oregon State University to make some changes,” says David McMorries, Chief Information Security Officer. “So much of the institution’s business now is dependent on information technology that you must provide an environment that is functional, is available, and is useful.” It was clear the institution needed to explore tools that could provide zero trust capabilities on all staff, faculty, and student devices—ensuring protections on resources on site and in the cloud.
In response to this incident, OSU meticulously evaluated the latest cybersecurity solutions available, deciding on Microsoft Security tools including:
- Microsoft Sentinel: Proactive threat detection, response, and threat hunting across the digital estate. Microsoft Sentinel aggregates data from all sources—including users, applications, servers, and devices running on premises or in any cloud—allowing school IT to access millions of records in just a few seconds.
- Microsoft Defender: Comprehensive, real-time protection against software threats like viruses, malware, and spyware across email, apps, the cloud, and the web.
- Microsoft Copilot for Security: A new, generative AI-powered assistant for daily security and IT operations that empowers teams to protect at the speed and scale of AI by turning global threat intelligence, industry best practices, and organizations’ security data into tailored insights to outsmart and outpace adversaries.
With these tools working in concert, OSU has fortified its cybersecurity infrastructure, ensuring a safer and more secure environment.
Read Oregon State University protects vital research and sensitive data with Microsoft Sentinel and Microsoft Defender to learn more.
Reducing threat response times from weeks to minutes
At OSU, their commitment to open, collaborative research coexists with the imperative to protect sensitive data and maintain the institution’s overall reputation. This delicate balance requires a cybersecurity approach that is both robust and responsive.
Partnering with Microsoft, OSU was able to widely implement tools such as Microsoft Sentinel and Microsoft Defender quite rapidly. These tools enabled the university to detect and respond to incidents rapidly, reducing response times from weeks to mere minutes. It redefined their approach, shifting from a time-consuming and reactive strategy to a more efficient and proactive one.
“The types of threats that are occurring in higher education are much more aggressive by cyber adversaries,” says Chief Information Security Officer David McMorries. “Since we’ve made this improvement by going to Microsoft Sentinel and deploying Microsoft Defender, we’ve seen a dramatic ability to detect these sorts of events and prevent many of them before they influence our institution. So, the investment that’s been made in our tooling and in our people has really paid off.”
Protection at machine speed with Microsoft Copilot for Security
Microsoft Copilot for Security is the only generative AI solution that helps security and IT professionals amplify their skillset, collaborate more, see more, and respond faster. It is available both as an immersive standalone portal and natively embedded within the existing and familiar Microsoft Security products in Microsoft 365 A5, such as Defender for Endpoint, Sentinel, and others.
In a recent research study conducted by Microsoft’s Office of the Chief Economist, experienced security analysts using Copilot were 22% faster at the common security tasks they were given, and they achieved these time savings while also increasing accuracy by 7%. However, perhaps more compelling, 97% of the experienced security analysts said they wanted to use Copilot again next time.
These gains in speed, accuracy, and sentiment mean that security and IT teams have the power to radically improve not only their work, but also their sense of job satisfaction as they find the time to work on the most critical tasks, vs. being bogged down in the more mundane part of their roles.
In a recent study conducted by Microsoft’s Office of the Chief Economist, experienced security analysts using Copilot were 22% faster at the common security tasks they were given.
These gains in speed, accuracy, and sentiment mean that security and IT teams have the power to radically improve not only their work, but also their sense of job satisfaction as they find the time to work on the most critical tasks, vs. being bogged down in the more mundane part of their roles.
View the full research study for Copilot for Security and download the Copilot Speed, Accuracy, and Sentiment infographic for more results from the study.
Copilot represents the next level in OSU’s cybersecurity evolution. With Copilot, OSU can enhance existing security frameworks, allowing for more efficient threat detection and system management. Emily Longman, manager of OSU’s Security Operations Center (SOC), expressed her optimism about the potential of Copilot, saying, “Our research is a huge priority for the university, but sometimes it can be difficult to secure, and getting vulnerability management can be difficult. But with Copilot, we can find better solutions that are more secure for those researchers and really push the limits of human knowledge and research at OSU.”
Through their Copilot pilot program, OSU is exploring the tool’s ability to complement and enhance other Microsoft security tools. By integrating Copilot with tools such as Microsoft Sentinel, they anticipate a significant shift towards automation, reducing the time analysts spend on routine incidents. This shift promises to refocus efforts on critical threats, enhancing their ability to quickly respond to and resolve security incidents.
We are excited to announce the general availability of Microsoft Copilot for Security on April 1, 2024. To learn more about Copilot for Security features and availability, visit the Copilot for Security webpage or read the blog, Microsoft Copilot for Security: General availability details.
Preparing students for an AI-driven future
The adoption of advanced AI tools like Copilot not only bolsters OSU’s cybersecurity framework but also provides invaluable learning opportunities for students. Many academic curriculums at OSU as well as most other learning institutions don’t typically include AI-type tools, so the students working for OSU’s SOC are eager to make the most of this opportunity. This exposure will significantly benefit students, preparing them for future careers in the evolving cybersecurity landscape.
“Microsoft Copilot for Security is going to expose our student employees to a cutting-edge security tool that they wouldn’t have gotten access to in any other way,” says McMorries. “So not only will our full-time employees be able to make the Security Operations Center more effective and efficient, but—as Oregon State University’s primary mission is to educate and to produce the next generation workforce—as the students learn how Microsoft Copilot for Security works, I’ll be really excited to see what kind of jobs that they are going to be lining up when they leave us.”
Learn more about Microsoft Security solutions
Use these resources to explore how Microsoft security tools can support your education institution.
- Read Oregon State University protects vital research and sensitive data with Microsoft Sentinel and Microsoft Defender to learn how OSU uses Microsoft cybersecurity tools to perform more proactive security detection procedures.
- Watch Microsoft Copilot for Security demo: Defend at machine speed to see how Copilot exhibits an incident response scenario to provide next-level enrichment and context to the security analyst performing the investigation.
- Explore the Microsoft Defender for Cloud interactive guide to learn how Microsoft 365 Defender for Cloud can help your security team efficiently maintain and protect digitally connected school environments.
- Get started with the Introduction to Microsoft Sentinel and Introduction to Microsoft Defender XDR threat protection training modules on Microsoft Learn.
- Watch the Microsoft Secure digital event on-demand and read the blog, Microsoft Copilot for Security is generally available on April 1, 2024, to catch the latest innovations and news from Microsoft Security.