Top-ranked university uses SIEM tuning and monitoring to help defend against hacking attempts

Business Overview

Top-ranked university located in the heart of downtown Pittsburgh


  • Small security team lacked ability for 24/7 monitoring
  • Had invested in a SIEM for the university but needed expert tuning to help cut down on the “noise” generated by alarms


  • Unique partnership with Binary Defense has kept university safe and helped CISO gain regional recognition

“It was easy to get the conversation started with Binary Defense. They were very flexible to figure out what was going to work best.”

The Binary Defense Solution

  • Dedicated, expert cybersecurity analysis
  • 24/7 around-the-clock event monitoring
  • Real-time analysis of threat behavior
  • Fully integrates into your incident response process
  • Trusted extension of your team

Not just personal data, but proprietary research, makes colleges hacking targets

Set in the heart of downtown Pittsburgh, Pennsylvania, Duquesne University has received numerous academic accolades from such entities as U.S. News and World Report, Princeton Review and Bloomberg Newsweek, just to name a few. With just under 10,000 students at the undergraduate, graduate, doctoral and online levels, this academic institution is a bustling hub of activity.

Which makes it a perfect target for cyberattacks.

In addition to the personal and financial information of their students and parents, universities are rich in proprietary research data. It’s for this reason that hackers in countries like China have been stepping up their efforts to breach higher education institutions’ cybersecurity measures.

Information security is of increasing importance at universities, ranking at the top of the list of critical IT issues in the higher education space [1]. A recent survey ranks education at the bottom of the list in terms of industries that are taking proper cybersecurity measures [2]. Thus, universities such as Duquesne are looking for cybersecurity vendor partners that can help keep their information secure.

CISO of the Year Chooses to Partner with Binary Defense

Tom Dugas has been the Chief Information Security Officer for Duquesne since 2016. He also serves on multiple Advisory Boards in the Pittsburgh area including the Pittsburgh CIO Forum, the Association of Independent Colleges & Universities of Pennsylvania (AICUP) Security Council and the KINBER regional cybersecurity group. Dugas was also recently named the 2019 CISO of the Year by the Pittsburgh Technology Council.

The CISO of the Year award was voted on by the local Information Security community in the Pittsburgh region. “It was a pretty competitive landscape with some talented CISOs,” Dugas said. His involvement with local infosec groups, as well as the comprehensive cybersecurity system he’s put in place at Duquesne which includes the Binary Defense Security Operations Center (SOC), helped propel him to the top of the list.

When Dugas began his role at Duquesne, he was the sole dedicated security staff member at first. The university had invested in Splunk but had yet to build the Security Information & Event Management (SIEM) functionality. He knew that the organization needed more visibility and automated security alerts that enabled the team to respond around the clock to potential incidents. Dugas knew he needed a third-party Managed Security Services Provider (MSSP) to help guide them on the development, tuning and monitoring of the Splunk SIEM instance, bringing more transparency to what was happening in his security environment. He spoke to several providers, but most wanted to bring in their own SIEM rather than work with the existing environment. However, with Binary Defense, “it was easy to get the conversation started with them. They were very flexible to figure out what was going to work best.”

Once a SIEM is tuned, organizations need a Security Operations Center (SOC) that manages and monitors it 24/7 in order to be proactive and stay on top of alerts. The costs of hiring staff to work in multiple shifts may not be realistic for most organizations. Outsourcing a SOC to a third-party vendor is a simple solution that can be cost-effective in comparison to building one in-house. This was true for Duquesne, as Dugas has a limited staff that isn’t able to keep up with the ever-changing cybersecurity landscape.

A unique partnership

Dugas describes the relationship between his team and the team at Binary Defense as beyond a vendor relationship – it’s a partnership. “We are a unique Splunk customer in the higher education market. With Binary Defense, we have a team that can look at our environment and give us thoughtful and insightful responses to what’s happening,” Dugas said. “They’re helping us improve our posture overall.”

In addition, Dugas cites the team at Binary Defense as going above and beyond for him and his team. “Binary Defense met with our IT staff during National Cybersecurity Month to help promote our cybersecurity activities and talk about threats they are seeing and things we should be looking out for,” Dugas said. “They really go beyond the scope of just being a SIEM or a SOC.”

Additional insights help improve security overall

Finally, Dugas relies on the industry expertise Binary Defense shares with its customers. “The blacklist generated by Binary Defense has been very helpful,” said Dugas. “We can see how to incorporate that into our environment or what bad actors are communicating with us. Threat intelligence is immensely valuable and something we could never get by trying to do it on our own.” Dugas and his team subscribe to the Binary Defense Threat Watch newsletter and read it regularly.

“I tell people all the time, if you’re looking at cybersecurity, you have to call Binary Defense,” Dugas said.
