Dushyant Sattiraju
[Deakin University]
Dushyant Sattiraju is the Cyber Security Operations Lead for Deakin University.

He holds two master’s degrees in Information Security and Business Information Systems. Over the past 8+ years at Deakin University, Dushyant was has worked in various areas in the field of ICT including Application development, Business Analytics and Security.

As a SecOps Lead Dushyant is responsible for security incident response, threat hunting, vulnerability management. He has played a key role in Deakin’s security uplift and was awarded with VC’s award for outstanding contribution to the digital environment.

Dushyant is currently working on improving the cyber security operations centre capability at Deakin university.

Keeping SOAR lean, simple and effective

2020 has been a challenging year for most of us, At Deakin our already small cyber security team got smaller as the cyber risk has only gotten bigger. This meant that we need to get more efficient.

To achieve this, we have embarked a journey on taking our cyber security operational to automate sone of the manual incident response task that the team performed. Example, notifying users when oversharing documents, locking account when there is a high confidence rate of account compromise, etc.

This presentation highlights some of the examples of low hanging tasks that can be automated and expands on Deakin’s cyber security operational journey through 4 stages.

> Prepare – To Ensure appropriate technical and non-technical controls are in place for areas including perimeter controls through to protecting people and data.
Example, in our case Cisco’s suit of security controls, KnowBe4, etc.
> Prevent – Use the appropriate controls above to prevent security incidents and cover low-hanging fruit.
Example, using Cisco’s email security appliance for spam prevention.
> Analyse– Leverage SIEM platform(s) to analyse anomalies.
> Automate – Identify patterns in alerts raise by your SIEM tool and automate response to such plays using SOAR tools.

The presentation also covers example of some of the automation play that we have incorporated and the tools that we used. This includes opensource tools like TheHive or tools that most organisations already have access to like Microsoft Power Automate.

Secure your place today!