IT Security performs incident management activities with the approval of University executive management and maintains a high level of expertise including incident handling certifications. We provide experienced leadership and counsel to individuals and departments faced with a security breach or an unauthorized disclosure of confidential information. The services include:
- Receipt and processing of reports of suspected security incidents
- Receipt and processing of abuse and appropriate use complaints
- Incident containment, forensics, and evidence preservation
- Coordination with law enforcement and Dean of Students (if applicable)
- Incident documentation and reporting
- Stakeholder consultation and assistance with victim notification (if applicable)
- Assistance with after-incident recovery and/or restoration and
- E-discovery (the location and retrieval of electronically stored information pursuant to a subpoena, litigation hold, or similar mandate)
Implementation and Support
- Establish and maintain the Computer Security Incident Response Team (CSIRT)
- University security incident documentation and reporting
- Incident management between and among University departments and external agencies
- Law enforcement coordination
Options
- Incident preparation, identification, containment, eradication, and recovery
- Initial response to all reported security incidents and appropriate use violations
- Tracking and logging of all incident activities
- Digital forensic investigation
- Establishing, communicating, and implementing incident recovery measures
- Incident after-action reporting, meetings, and follow up activities
- Act as a liaison between law enforcement agencies and the University
- E-discovery services
Customer Responsibilities
- Report all security incidents to IT Security
- Coordinate and cooperate with IT Security if involved in a security incident
Join the Conversation