The university, which comprises 4,500 academics, 10,000 undergraduates and 11,000 postgraduate students in addition to thousands of support staff, was playing “wack a mole” with its cybersecurity strategy and chasing every vulnerability.
The data breach emphasised the need to take a more strategic approach to building network resilience, reducing its attack surface and making it harder for threat actors to impact its environment.
In finding a solution, the ANU turned to Gigamon to serve as one of the core platforms to implement a Zero Trust approach to cybersecurity.
The Gigamon Deep Observability Pipeline efficiently delivers the network-derived telemetry required to heighten adversary detection which the university needed to prevent future incidents and safeguard its infrastructure.
According to John Giacomini, chief revenue officer at Gigamon, the disparate and increasingly hybrid architecture at institutions such as the ANU is creating a security challenge best managed with advanced cloud, security, and observability tools.
“The firewall is never going away but it is less effective than it was 20 years ago,” Giacomini said on a recent visit to Australia.
“There’s an architectural shift happening and that means you now have a lot of disparate locations in an environment.
“You have this hybrid cloud environment, assets are internal and external and there are lot of different transport mechanisms and it takes the integration of data from multiple sources to get the transparency and visibility you need.”
This, says Giacomini, is where Gigamon comes in.
He agrees that deep observability, the company’s specialisation, is “having a moment right now.”
The security industry, he says, hasn’t been particularly good at collaborating and neither has it been sufficiently holistic in its approach to the network.
Through its collaborations with its channel partners, Gigamon can integrate its advanced deep observability pipeline with existing tools and deliver a holistic view across the network.
In many cases, such as at the ANU, this can mean that vulnerabilities can be proactively identified in days and weeks rather than months.
“Universities are organisations with issues around end point control,” says Giacomini.
“It is an environment where people are encouraged to bring devices to the office. There are a lot of international visitors and programs which are spun up.
“All these things create the potential for vulnerability, so in response you need to deliver an overarching view.”
Some Security Operation Centres (SOCs) might detect up to a million anomalies each day.
“So which ones do you look at?” asks Giacomini.
“I use the analogy of needles. Instead of one needle in a haystack we’ll give you a stack of needles.
“That stack might still be too big to triage immediately, but with good processes and our ability with network-derived telemetry that includes packet, flow, and metadata we are able to provide a filter, take a lot of noise off the wire and deliver a clean stream of actionable intelligence.”
Giacomini was in Australia to meet with its Australian client base, which comprises some of the larger corporates and a roster of major Government clients, and to attend the Gigamon 2024 Partner Awards.
The company is prioritising its partner relationships in Australia, and Prescient Solutions was named the ANZ Partner of the Year and APAC Partner of the Year.
Recognition also went to MSS Data Solutions for innovation, with Rising Star awards for Matrium Technologies in Australia and Datacom in New Zealand.
Gigamon also recognised the work of NEXTGEN, mcrIT and CyberCX.
