In 2021, the University of Sunderland experienced a devastating ransomware attack that disrupted its services and highlighted vulnerabilities in its security posture. With over 28,000 students relying on its network, the university needed to quickly recover and ensure such an incident wouldn’t happen again. Enter CrowdStrike.
CrowdStrike’s Incident Response team worked diligently to eliminate the threat. Following the incident, the university adopted the AI-native CrowdStrike Falcon® cybersecurity platform, beginning with endpoint detection and response (EDR) to guard its 5,000 devices. The university’s confidence in CrowdStrike set the stage for a robust cybersecurity strategy with the Falcon platform at its core.
Since its customer story was first published in 2023, the University of Sunderland has expanded its protections to include CrowdStrike Falcon® Identity Protection and CrowdStrike Falcon® Cloud Security, deepening its partnership with CrowdStrike and evolving its security approach to address the challenges of a rapidly changing threat landscape.
Expanding the Falcon Platform: 24/7 Security at Scale
Recognizing the complexity of securing a global, cloud-first environment, the University of Sunderland relies on CrowdStrike Falcon® Complete Next-Gen MDR, CrowdStrike’s managed detection and response service. This step allowed the university to transition from a reactive approach to cyber threats to a proactive defense model.
With Falcon Complete Next-Gen MDR, security incidents are handled rapidly by CrowdStrike experts, allowing the university’s lean IT team to focus on other priorities.
“Addressing incidents used to take us days or weeks, requiring significant hands-on effort,” said David Conway, Director of Technical Services at the University of Sunderland. “Now, thanks to Falcon Complete, issues are resolved instantly without escalating to our internal teams.”
The results for the University of Sunderland are noteworthy:
- Zero breaches since deploying Falcon Complete Next-Gen MDR
- 99% of cyber threats automatically mitigated
- Avoidance of a 10-12 person headcount increase, saving substantial costs while ensuring around-the-clock coverage
This level of efficiency has empowered the university to prioritize user education, governance, and other strategic IT initiatives, while leaving the heavy lifting of cybersecurity to CrowdStrike.
Advanced Protections for Modern Threats
In 2022, the university expanded its CrowdStrike portfolio to include Falcon Identity Protection and Falcon Cloud Security. This decision reflected a forward-thinking approach to safeguarding its environment and addressing threats across every layer of its infrastructure.
Identity protection became critical after the university recognized the growing prevalence of credential-based attacks. Falcon Identity Protection seamlessly monitors user activity and prevents unauthorized access.
“As a cloud-first institution, securing our identities is vital,” said Conway. “Falcon Identity Protection ensures we’re protected at every access point.”
Similarly, Falcon Cloud Security enabled the university to maintain visibility and control across its sprawling cloud environment. By consolidating endpoint, identity, and cloud protection on the Falcon platform, the university eliminated operational silos and fostered a collaborative approach among its IT, cybersecurity, and development teams. This unity enhanced overall security and streamlined processes, allowing teams to proactively address misconfigurations.
The Value of Threat Hunting and Intelligence
With the addition of CrowdStrike Falcon® Adversary OverWatch managed threat hunting and Recon, a capability of CrowdStrike Falcon® Adversary Intelligence, the university expanded its defense-in-depth strategy. Falcon Adversary OverWatch provides an extra layer of security, helping to ensure no stealthy threats go undetected. Meanwhile, Recon actively monitors the dark web for threats targeting the university and its senior leaders, providing actionable insights that enhance overall protection.
The university has realized tangible results from these advanced tools: Threats that previously took days to triage and remediate are now addressed in real time. Further, alerts on dark web activity allow the university to protect its senior leadership and educate them on evolving risks.
Enhancing Cybersecurity Resilience with CrowdStrike
As cybersecurity threats grow more sophisticated, the University of Sunderland is already looking ahead with CrowdStrike as its trusted partner. The university is exploring new features and services, including gaining AI-driven insights through CrowdStrike® Charlotte AI™, adding SaaS security, and automating more security operations using CrowdStrike.
“We’ve seen CrowdStrike continuously innovate, which gives us confidence that our security will remain ahead of the curve,” concluded Conway. “The adaptability of the Falcon platform ensures we’re ready for whatever challenges the future holds.”
By consolidating on the Falcon platform, the university benefits from a single agent, unified interface, and unparalleled threat protection. This partnership has protected the university’s digital infrastructure so it can focus on its mission of delivering world-class education.