Incorporating Learners into Your Security Command Center

Incorporating Learners into Your Security Command Center

In the heart of Auburn University, the Security Operations Center (SOC) has been a cornerstone of cybersecurity education for over a decade. Jay James, the SOC's Director, has been instrumental in its development, with the aim of providing students with hands-on experience in cybersecurity.

The mission of Auburn University's SOC is multifaceted, encompassing compliance, threat detection, and data protection. According to James, it's crucial to understand the reasons for creating a SOC, be it for any of these purposes or others.

Recently, Microsoft highlighted the creation of a SOC as one of the strategies in its cyber threat intelligence brief "Cyber Signals". The SOC at Auburn University is no exception, employing students to strengthen its efficacy and provide students with invaluable, real-world cybersecurity experience.

To staff the SOC effectively, a structured approach is essential. Universities can develop internship or cooperative education programs, ensuring students have a baseline understanding of cybersecurity. These programs typically involve updating resumes, formal application processes, and orientation with career coaching to align student goals with SOC needs.

Once students are onboard, they are paired with experienced SOC analysts for mentorship. This direct mentorship accelerates their learning curve and helps ensure the quality and accuracy of security event assessments and responses.

Hands-on simulated training is another key component. Using digital twin frameworks and live security monitoring platforms, students can engage in vulnerability assessments, threat detection, and incident investigation in a controlled but realistic environment. This practical training enhances their skills before or alongside live SOC work.

Performance tracking and continuous improvement are also crucial. Implementing audits of security alerts reviewed by students, with feedback loops to identify knowledge gaps and provide additional training, supports both student growth and SOC effectiveness.

Balancing student availability with SOC coverage requirements is a challenge. Having a pool of students at different skill levels and schedules, along with flexible policies, helps maintain continuous coverage while ensuring students manage their workload realistically.

To build a student-focused SOC program, a specific program tailored to students' needs should be developed. James works with professors in relevant fields to understand the skills of student SOC workers and provide additional training.

Students at the SOC get the opportunity to work on projects of their choosing, which can be beneficial for their resumes. They also learn to work in a professional environment, gaining valuable professional experience.

Connecting with departments where cybersecurity classes are housed can help with recruitment. The SOC at Auburn University helps keep the campus more secure by employing students with cybersecurity skills.

After the SOC is established, and students start to experience its benefits, they often begin to recruit new members. This organic growth is a testament to the value of the SOC program at Auburn University.

Reaching out to student organizations, such as hacking clubs, women in business, or minorities in technology clubs, can also be effective for recruitment. By providing students with a supportive, learning-focused environment, universities can foster the next generation of cybersecurity professionals.

[1] Source: https://www.ncwit.org/resources/research/co-ops-internships-and-apprenticeships-women-stem [2] Source: https://www.edutopia.org/blog/creating-student-focused-security-operations-center-james-james [4] Source: https://www.microsoft.com/en-us/security/business-productivity/cyber-threat-intelligence-briefings/cyber-signals-volume-2-2021

1. The Security Operations Center (SOC) at Auburn University, instrumental in providing students with hands-on cybersecurity experience, aims to foster the next generation of professionals by employing students as part of its strategy.
2. Universities can develop tailored internship or cooperative education programs for SOC students, ensuring they have a baseline understanding of cybersecurity and aligning student goals with SOC needs.
3. Once students are onboard, they receive direct mentorship from experienced SOC analysts, accelerating their learning curve and helping ensure the quality and accuracy of security event assessments and responses.
4. To build a supportive, learning-focused environment, universities can connect with student organizations such as hacking clubs, women in business, or minorities in technology clubs, providing students with opportunities for growth and professional development in the field of cybersecurity.

Read also: