This cybersecurity webinar discusses strategies tailored for educational institutions, drawing lessons from Washington State’s collaborative model. It introduces Lumu, a SaaS platform designed to enhance cyber defense by illuminating threats and automating network protection. The solution integrates ‘out of the box’ with existing security investments, such as market-leading firewalls and Endpoint Detection and Response (EDR) tools. By utilizing a single virtual appliance and requiring limited agents, the platform ensures a rapid rollout, typically taking an hour or less to install and begin blocking threats immediately.
Furthermore, the webinar emphasizes how the platform addresses the inherent limitations of traditional firewalls and EDRs, which are restricted to perimeter protection and installed devices, respectively. The system employs artificial intelligence for deep correlation, identifying anomalies and probable compromises, such as unusual network communications or PowerShell-based ransomware activities. With support for Microsoft, Mac, Linux, and Chromebooks, the software provides detailed visibility into specific assets, allowing schools to orchestrate automated responses and secure their entire network efficiently, even with limited resources.
Takeaways
- Full Automation of Security Operations: Lumu automates monitoring, detection, and blocking, significantly reducing the human interaction required to manage network security tasks.
- Holistic Network Visibility: Unlike EDRs that only protect devices with installed agents, Lumu monitors everything with an IP address on the network to identify malicious communications.
- K-12 Specific Licensing Model: Districts are only charged for faculty and staff who use computers, while students and IoT network devices are covered at no additional cost.
- Near-Instant Response Time: In demonstrated incidents, the platform has shown the ability to alert a firewall and implement a block within one second of detecting malware like Cobalt Strike.
- Retrospective Data Access: Lumu stores two years of network metadata, allowing users to query historical data and identify the first point of contact with a newly discovered threat.
